The Australian Cyber Security Centre (ACSC) receives one report of a cyber breach every ten minutes. That’s 144 reports of cybercrime a day. Leadership teams and boards are taking notice, with 74% of security decision-makers reporting that their organisation’s sensitive data may have been potentially compromised or breached in the last 12 months, according to the ACSC’s Annual Cyber Threat Report.
The ever-increasing requirements in this field are also reflected in national job growth for Cyber Security roles over the past decade, with job ads increasing by 170% between 2013 and 2023, according to Seek Cyber Security Data (Oct 2023). National demand is currently sitting at high levels, similar to those pre-pandemic in late 2019.
The goal of Cyber Security Awareness Month is to educate individuals and businesses around how best to combat cyberattacks. We sat down with Sean Jacobs, Paxus’ group IT manager, to find out how we at Paxus, as a 100% cloud-based company, approach cyber security.
Why is cyber security so important within the IT recruitment industry?
Sean: Cyber security should be a top priority in every industry, but for us specifically it’s critical because recruitment is a predominantly online industry, which means we have a much larger attack surface. We are also a completely cloud-based company. Instead of maintaining an on-premise infrastructure, we made the decision to move entirely into the cloud. This has given us more flexibility and agility, we do not need a large internal IT team to support our IT environment and we have more of a global presence. Of course, it also meant that we were able to quickly transition to a remote working environment when the global pandemic hit. Being cloud-based has enormous benefits, but it also presents some key challenges, particularly around cyber security. We are very aware of this and although according to Statista most business spend around 12% of their IT budgets on cyber security, we dedicate about 20% of our IT budget to cyber security.
How do you ensure that your IT team stays informed about the latest cybersecurity threats and vulnerabilities relevant to the recruitment industry?
Sean: The key is to stay up-to-date and informed about any industry news. Our team regularly attends training sessions, and we receive alerts from the Computer Emergency Response Team Australia (CERT Australia) and the Cybersecurity and Infrastructure Security agency (CISA). We also participate in IT industry specific forums to stay connected to what other professionals and businesses are experiencing and we leverage our relationship with our service provider, DXC Technology, a tier one service provider globally. We have regular status meetings with them twice a week where we discuss our IT environments, any new threats we’ve experienced or new threats that have been identified across the technology landscape.
What role does technology play in cyber security?
Sean: Holistically, effective cyber security requires experts proactively managing environments and the latest technology. For example, we subscribe to several threat intelligence platforms. These platforms send out proactive alerts, but we also integrate their technology into our environment so that their threat intelligence systems scan our environments, and we can stay up-to-date with any security patches that apply to our systems.
We’ve also implemented Darktrace, an artificial intelligence (AI) solution that monitors our internal network, all of our communications via email, and everything that is stored in OneDrive. Unlike antivirus software, which needs to be updated for the latest patches to address vulnerabilities and new malicious software, Darktrace spends time in the background learning how your business operates and how to recognise ‘usual’ activity. It then goes live and proactively monitors all communications, patterns of work and the domains your business engages with. Anything unusual is flagged and blocked until it can be reviewed. As an example, if a team member is traveling and logs on from a different continent, this will be flagged, and their access revoked until Darktrace receives the all clear because we know they are working from an unusual geographic area. We’re also receiving half the amount of spam emails as previously and no malware has managed to make its way into our system.
We’ve mentioned internal expertise and technology. How important are partners when it comes to cyber security?
Sean: I don’t believe any business can—or should—do this by itself. Today you need to be a cloud specialist, security specialist, cyber security specialist and more. It’s almost impossible to have all the expertise you need inhouse. It’s also not necessary. We only see what’s happening inside our business, for example, but DXC, our managed service provider, is dealing with cyber security every day, across multiple industries. Outsourcing our infrastructure management to DXC, who are best in breed in what they do, also releases the pressure on our internal IT department. Maintaining cyber security certifications is intensive, and as I’ve mentioned, our small team cannot be specialists in everything. Instead, we’ve identified what we want to do inhouse and where we can have partners.
Are there any specific examples where this has clearly protected the business and your IT infrastructure?
Sean: We use Cloudflare as our domain name system (DNS) partner because they are specifically set up to prevent denial of service attacks, which is exactly what happened a few months ago. Because recruitment is online, our industry is a prime target for denial-of-service attacks. However, Cloudflare has the infrastructure to detect attacks and quickly remediate them. All that happened was that we did not have email for a few hours. No data or systems were breached, and our clients were unaffected. If the attacked had been successful and we had lost the ability to operate for 24 hours or longer, our business would have been impacted as well as our clients and candidates. Working with the right partners is critical.
Which metrics do you leverage as a sign that your cyber security initiatives are working?
Sean: We are regularly audited, by our Parent company auditors and our clients. To ensure we are compliant we are ISO27001 certified, and we follow the NIST framework and are compliant, although not certified, with Essential Eight. On a more day-to-day basis, we carefully monitor our service tickets and what incidents are being raised and review the regular reports we receive from DXC. The key to cyber security is that it is an ongoing process. The threat landscape is changing every day, and we must adapt to it to stay ahead. That’s really what cyber awareness is all about—staying proactive and aware of the entire cyber environment, both internally and externally.
__
To combat the Cyber Security threat, having the latest technologies at your disposal is only half of the solution. You also need the right people behind it.
Cyber security professionals are highly trained and sought-after. As threats continue, so do opportunities for jobs in this area. Play a central role fighting against cyberattacks by applying to one of our open roles today. Or reach out to our team if you’re looking for recruitment support in the Cyber Security space.