TRENDING responding to access requests , authentication needs , and outside and inside threats .
Administration and application of these controls should also be automated to a high degree to improve coverage and consistency , and reduce the burden on Security Operations Centers ( SOCs ) and cybersecurity practitioners .
“ As Australian companies move deeper into Digital Transformations , they come up against a known problem : the challenges of securing a rapidly rising number of mission-critical cloud services and APIcentric applications ,” said Derek Rast , Area Vice President Australia and New Zealand at Fastly .
“ The tools these companies use to secure their digital-first , cloud-first and microservices- based architectures need to evolve . Traditional web application and API security tools fall short in this regard . Leveraging Web Application Firewalls ( WAFs ) and Content Delivery Networks ( CDNs ) should be part of a holistic defense-in-depth security strategy .”
Cyberthreat responsiveness is itself under threat
Illustrating perfectly the cyber maturity challenges faced by Australian companies is the lack of consistency in the operating parameters , powers and preparedness of cyberthreat and incident response teams .
The research finds one in three cyberthreat response teams lacks the support of key internal stakeholders , is unclear about escalation points for incident
Methodology
The study represents the views of 200 cybersecurity decision-makers – mostly CIOs , IT Directors and equivalent titles – in Australia . The study was commissioned by Fastly and conducted in April-May 2022 . It covers organizations of three sizes : medium ( 101 to 499 staff ), large ( 500 to 999 ) and enterprise ( 1,000-plus staff ).
management , and doesn ’ t have the authority to confiscate or disconnect equipment and monitor suspicious activity , including from senior management .
In addition , when it comes to cyberthreat response planning :
• Only 54 % have a full plan that includes legal and corporate communications teams
• 50 % rehearse the plan at least once a year , the other half practice less frequently or don ’ t practice at all
• 48 % have a timeframe for additions and improvements for the plan , and hold senior leaders responsible for making the improvements
Enterprises are more likely than large or mediumsized organizations to have a multi-stakeholder plan that is well-rehearsed . However , they ’ re also more likely to be subjected to regulated requirements for incident planning and response . This is supported in the study by compliance being identified as a major cybersecurity challenge facing organizations .
Enterprise still one step from the Edge
Medium and large organizations are more likely than enterprises to be rethinking the way they deploy applications and business logic to end-users and to be in active pursuit of that target state .
The research shows 64 % of medium-sized organizations and 56 % of large organizations are embracing Edge Computing , moving business logic from application servers to an edge cache . By contrast , just 43 % of enterprises are doing the same – 10 % below the overall average .
Moving business logic from the backend to the Edge not only increases application performance but can also substantially reduce an organization ’ s risk , since user requests are funnelled through a single ‘ front door ’, instead of to any number of servers that host the application . p
26 INTELLIGENTCIO APAC www . intelligentcio . com