How can military strategy help to improve your cyber security posture?

Cyberspace has become a battleground – as the Australian Cyber Security Centre (ACSC) warned us in its most recent Cyber Threat Report. If you’re not already thinking like a military strategist to help improve your cyber security posture, now is the time to start.

Internationally, cyber attacks are becoming the preferred method of engagement for hostile nations looking to create havoc. For example, the ACSC has shared limited details about a forensics investigation at an Australian energy provider, following a breach in 2022. Fortunately, the malicious actors behind this were unable to disrupt energy operations, but there is no doubt these types of attacks are becoming more common – and more sophisticated.

However, you don’t need to be operating critical infrastructure to find yourself dropped into the frontline of this war – usually without warning and at great cost. More than 76,000 incident reports were made to the ACSC during the last financial year. This is the equivalent of one cyber security incident report every seven minutes.

It might be a bloodless war, but there will be pain – especially financial. Losses resulting from cybercrime are rising, on a cost per incident basis:

• $39,000 for small businesses
• $88,000 for medium businesses
• $62,000 for large businesses.

Email scams are by far the greatest threat. Australians lost nearly $100 million to email compromise incidents, according to the ACSC. It’s every organisation’s biggest vulnerability and the most likely way you’ll be drawn into the battle.

In other words, the time has come to harden your defences and get battle ready – because this is (cyber security) war.

Can military strategy really improve my cyber security?

Yes, it really can. Why? Because cyber security strategy already has a lot more in common with military strategy than you might realise. Both involve:

• Protecting assets
• Assessing threats and managing risk
• Constant innovation and adaptation to an ever-changing enemy.

Critically, both cyber and military need the perfect blend of offensive and defensive measures to be successful. Many people think that their cyber security posture will only improve with the right defensive tactics – keeping bad actors out of the network with firewalls, antivirus software and so on.

What many people don’t realise is you also need to be on the offensive, through adversary engagement, deception and denial activities. Or, as ancient Chinese military general Sun Tzu says in The Art of War:

“The supreme art of war is to subdue the enemy without fighting.”

In the military world, that means gathering intelligence, leveraging propaganda and even espionage. In the world of cyber security, we lean on the MITRE Engage framework, which helps to quickly identify an attacker’s vulnerabilities and how to take advantage of those vulnerabilities.

Why is offensive cyber security so important?

One word: ransomware. These attacks are becoming more common and rely on the attacker finding precious data and other resources in your systems, in the hope of extorting money from you. The longer they spend in the system, the worse it’s going to be for you.

Offensive cyber security techniques – also known as cyber deception – create confusion and chaos for anyone who isn’t meant to be inside your network, which will buy you precious time when you need it the most.

If you’re interested in finding out more about the technical side of cyber deception, check out this recent webinar.

Choose the right allies to improve your cyber security posture.

In any battle, choosing the right allies is essential. The same goes for improving your cyber security game. Pick your partners wisely, based on common interests and values.

For most Australian organisations, it doesn’t make sense to maintain your own internal cyber security practice. There are a few reasons for this, including the fact that the technology skills gap is making it incredibly difficult to find, hire and retain qualified staff. Read more on that in our recent article How to keep up to date with cyber security.

The right managed security service partner will be trained and ready to go into battle for you. They’ll have the right mix of defensive and offensive tactics in their arsenal to help you improve your overall cyber security posture and provide:

• Efficient security monitoring
• Faster incident response
• Fewer false positives
• Valuable insights.

Not all managed security partners are created equal, so take a moment to check out our recent article What is the easiest way to prevent cyber security breaches? for the four essential questions you must ask before selecting a partner to help you improve your cyber security response.

Find the ally you’re looking for.

Macquarie Cloud Services is at the frontline of Australian cyber security response. Our managed security services are provided by some of the most skilled cyber security professionals in the country, from one of the most technologically advanced SOCs in the world. This includes more than 200 staff cleared by the Australian Federal Government to manage classified government data, which we’ve done for more than a decade.

We’d love to discuss working together to prevent cyber security breaches against your organisation. Contact us on 1800 004 943 or email enquiries@macquariecloudservices.com to find out more.