Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Aussie IT leaders: Web app proliferation increased attack vulnerability

Fastly and Ecosystm have released a white paper that has found 75 per cent of Australian businesses are now living with a vastly increased attack surface caused by their reliance on web-based applications.

user icon
Tue, 31 May 2022
Aussie IT leaders: Web app proliferation increased attack vulnerability
expand image

The Fastly and Ecosystm white paper collected data that revealed over half of businesses struggle to reduce the risk of attacks, leaving them fearful of compromise, particularly by nation-states and other types of threat actors.

According to Derek Rast, area vice president Australia and New Zealand at Fastly, as Australian companies move deeper into digital transformations, they come up against a known problem – the challenges of securing a rapidly rising number of mission-critical cloud services and API-centric applications.

"The tools these companies use to secure their digital-first, cloud-first and microservices-based architectures need to evolve.

============
============

"Traditional web application and API security tools fall short in this regard.

"Leveraging web application firewalls (WAFs) and content delivery networks (CDNs) should be part of a holistic defence-in-depth security strategy," Rast said.

With threat actors looking to attack less-protected entry points into corporate IT environments, large attack surfaces are routinely sought and tested out.

If critical cyber security skills shortages aren’t addressed, the study predicts this situation will continue if organisations do not employ detection technologies that are effective in production, provide real-time visibility, and integrate with existing tools and processes.

In partnership, Fastly and Ecosystm found that organisations in Australia are still struggling with some of the cyber security implications of these kinds of digital- and cloud-first operating models, after moving "en masse to more decentralised IT architectures over the past two years".

Cloud, web applications and the APIs that enable these apps to integrate and exchange data rate highly in the risk and challenge assessments by CIOs, IT directors and technology leaders of Australian organisations. API endpoints, cloud service provider authentication, and enterprise open-source software are all seen to pose considerable risks as potential entry points for attackers.

"Australian business leaders [are] on edge and fearful of attacks" according to the joint study, due to a lack of operational maturity and reliance on traditional defensive postures.

The survey revealed there is a concern among leaders of all business sizes over credential stuffing, which attackers may use to try to compromise cloud accounts and individual as-a-service logins, while 65 per cent of large enterprises in Australia rate nation state attacks as very high or high risk to their organisations.

Organisations need a modern cyber security posture that enables them to anticipate threats before they happen, and respond instantly when attacks occur, according to the Fastly and Ecosystm study. Organisations need security controls that are capable of automatically sensing, detecting, reacting, and responding to access requests, authentication needs, and outside and inside threats, the study further explained. Administration and application of these controls should also be automated to a high degree to improve coverage and consistency, in order to reduce the burden on security operations centres (SOCs) and cyber security practitioners.

The cyber maturity challenges faced by Australian companies is the lack of consistency in the operating parameters, the Fastly and Ecosystm study noted, which impact on the powers and preparedness of cyber threat and incident response teams.

The research also found that one in three cyber threat response teams lacks the support of key internal stakeholders and is unclear about escalation points for incident management. Additionally, these cyber threat response teams don't have the authority to confiscate or disconnect equipment or monitor suspicious activity, including from senior management.

When it comes to cyber threat response planning:

  • only 54 per cent have a full plan that includes legal and corporate communications teams;
  • 50 per cent rehearse the plan at least once a year, the other half practice less frequently or don’t practice at all; and
  • 48 per cent have a timeframe for additions and improvements for the plan and hold senior leaders responsible for making the improvements.

Enterprises are more likely than large or medium-sized organisations to have a multi-stakeholder plan that is well-rehearsed most likely due to being more likely to be subjected to regulated requirements for incident planning and response. This is supported in the study by compliance being identified as a major cyber security challenge facing organisations.

The data further reveals that medium and large organisations are more likely than enterprises to be rethinking the way they deploy applications and business logic to end users and to be in active pursuit of that target state.

The study was commissioned by Fastly and conducted in April-May 2022 and the responses represent the views of 200 cyber security decision-makers mostly CIOs, IT directors and equivalent titles, covering organisations of three sizes: medium (101 to 499 staff), large (500 to 999) and enterprise (1,000-plus staff) in Australia.

[Related: Infraud transnational cyber crime group members jailed in US federal prison]

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.