Cybersecurity Maturity in Australia: The dawn of a … Kikos.pdf · Cybersecurity Maturity in...
Transcript of Cybersecurity Maturity in Australia: The dawn of a … Kikos.pdf · Cybersecurity Maturity in...
Cybersecurity Maturity in Australia: The dawn of a cyber secure nation…
Annemarie AJ Kikos
Research Director
Operating Model Transformation
New Digital Revenue Streams
Information Transformation
Information as a Competitive
Advantage
WorkSource Transformation
Ecosystem-based
Workforce
Omni-Experience Transformation
Blend Physical and Digital
Experiences
Leadership Transformation
An “Outside In” Business
Environment
65% of large
enterprises will become
information-based
companies
Digital Transformation: how do you transform - 5 dimensions
Source: IDC, C-suite Barometer 2016
Data as a strategic asset: how are companies progressing in Aus
Although at various stages, 94% recognises its value
Open Innovation Edge / IoT
SaaS
PaaS IaaS
Cloud Data Center
(Data) Security: a broader perspective is now required
10.1% 51.3% 21.1% 15.1% 2.4%
Naïve Novice
Employ basic
operational security
measures and act on
security needs as they
arise
Reactive Responder
Full-time staff address
most significant security
requirements but look to
external sources to provide
guidance in compliance-
oriented program
Compliant Companion
Solid security program and
control framework address
all regulator needs and
internal risk assessments
Proactive Partner
Robust security program
with strong compliance
and early exploration of
the cost effectiveness of
solutions
Predictive Professional
Risk recognized as an element
of overall business value
proposition for technology,
and the security strategy
approach seeks most efficient
and effective ways to manage
enterprise security
42.5% 41.2% 9.4% 6.1% 0.7%
Source: IDC Maturity Scape 2016 - Australia (Australia N=100, APAC N=852)
APAC
5 Security maturity stages: Australia is one of the most mature countries in AP
14.1%
Cloud
21.5%
Mobility
13.0%
Big Data
16.0%
Internet of Things
13.3%
Social
22.1%
Security
of companies in Australia are planning
to deploy a security solution in the next
12 months. (17% as a SaaS model) 63%
Security has the highest budget of the 3rd Platform Technologies
Source: IDC Mobility Survey 2015 (Australia n=500) , IDC Continuum Survey 2015 (Australia n=100)
Security is pushing the
budget up in 2016
IT security systems are the
#1 priority in 2016 vs #6 in
2015
Driving spending in storage
and servers in 2016
96% #1 43%
… and comes as a catalyst for other technology investments.
Source: IDC C-Suite Barometer 2016, Continuum Survey 2015 (Australia n=100)
Security
budget
across the
organisation
Increase of
cyber risk
estimation
and strategy
briefings to
the board
Increased
responsibility
for CISO
This has driven the CISO to be at the core of board discussions.
Governance and regulations
limitations/ restrictions
Top IT Challenges in Driving Business Forwards
Lack of required skill sets/ expertise
to effectively execute ICT
Lack of ICT budget
for the business
requirements IT
needs to support
Lack of
governance and
architecture
expertise/
framework
Lack of business unit stakeholders’ buy-in or support from CEO/ senior
management
Source: IDC Asia/Pacific C-suite Barometer Research 2016 (N=1,472 CxO; 667 CIO/CTO; 805 CEO/LoB) – QA14
Source: IDC Continuum Survey 2015 & 2016)
Risk management and data loss prevention
Business continuity and disaster recovery
Identity and access management
Regulations and governance framework
Vulnerability detection and
management
Network
security
Message
protection
Endpoint
security
The issues to address have evolved, with new focuses, but
investments across the board
Hotspot
(top 1 priority)
Warm
(top 2 priority)
Cold
(<10% picked)
Tepid
(top 3 priority)
Risk management & loss
prevention
Vulnerability detection &
management
Network security
Web security
Security Information & Event
Management
And priorities differ widely from one vertical to the other, due
to the various risks they face.
16 Source: IDC Asia/Pacific C-suite Barometer Research 2016 (N=1,472 CxO; 667 CIO/CTO; 805 CEO/LoB) – QA14
www.domain.com Phone: +1(123) 456 78 90 | e-mail: [email protected]
YOUR LOGO
Prevention
Endpoint, AV, firewalls,
patches, user training
Detection
Monitoring, analytics,
gateways, tags and
tethers
Mitigation
More process driven
than technological
Response
IT response, crisis
management response,
legal mitigation, PR
strategy
The best way to provide Cybersecurity of the 3rd platform is through
the distributed integrity model
Macro
econ
om
ic Tren
ds
Forecast
20
15
- 20
20
C
om
petitive
An
alysis A
dvice /
Gu
idan
ce
• Be aware that the security landscape is changing due to Digital
Transformation and 3rd Platform technologies
• Different risk priorities for different industries
• Business leaders need to make IT security and organization-wide
concern, and not leave it to IT to “figure it out”
• Be proactive vs reactive - security ought to be part of your DNA
• Secure your DC/cloud, mobile & IoT environments + be aware of what is
next
• Be aware of the blind spots
Essential Guidance
‘if your CEO doesn’t care about cybersecurity then how are
you going to deal with it’