Such companies are providing dated centralised processing which effectively deploys a "cookie-cutter approach" that isn’t agile or adaptable enough in this environment to offer custom detection of threats, Adam McCarthy, co-founder of ParaFlare, told iTWire during an interview.
McCarthy spent 14 years with the Australian Defence Force where he responsible for the delivery and operation of niche cyber and ICT capabilities, including standalone and sensitive operations.
He has also held senior positions with multiple Australian Defence programs. He has also worked with the Australian Federal Police, Telstra, the US State Department and US Department of Defence, and has served in multiple operations throughout APAC and EMEA.
He said, unfortunately, there was a perception that the technical solution should be provided first.
"For example, when we receive inbound requests, we always ask for the outcome they are seeking and trying to receive, as technology is just a tool. What we want to provide is an all-encompassing outcome."
He said when he used the term large multinationals, it included global players who thought the tech solution would solve problems, and relied on vendors to solve the problem which just created a false economy. "If they follow that line of thinking, they can only deal with known threats, rather than unknown threats," he added.
Asked how cyber security requirements in Australia were different from other countries, McCarthy said it came down to the local government's legislation.
"Every government has a different one. It also depends on the industry – in Australia, for example, we have specific legislation pertaining to critical infrastructure that is different to that required in the UK.
"If we are otherwise looking at technical fundamental requirements, they are consistent globally. When asking what does good detection look like - it should be consistent globally. How it's governed is how it's different."
McCarthy said custom detection of threats was needed because there were threats unique to Australia. "Threats are unique to industry verticals and unique to the type of organisation you are dealing with," he explained.
"While there are consistencies across the globe, geopolitical goals and objectives that nations set are different and unique. There are, for example, certain IP and resources that are unique to Australia.
"Some threats could be consistent with other threats that we see globally, but it always depends on what the specific organisation deals with every day, including which clients, customers and relationships they have with suppliers – all this unique data fits within a unique threat profile. It can be more or less unique based on your organisation and whether you have a unique capability. If you do, then you will have particular threats specifically targeting your organisation."
Asked for his opinion about the Federal Government's recently released 2020 cyber security strategy and whether it was too prescriptive, McCarthy replied that he would not describe as such.
"I'd actually go as far as to say it's not prescriptive enough. I believe it doesn't go far enough to talk about how it is investing in grassroots Australian capability and how they are going to invest in the operationalisation of the strategy - I thought there would be more actionable activities coming from it," he said.
"There was also no funding for AustCyber and that's quite honestly appalling - their mandate is to provide a growth avenue and opportunities for the development of cyber capability in Australia, and not funding the federal entity that the Australian cyber security strategy is meant to support is dumbfounding.
"It has allocated $1.6 billion to be spent on a huge amount of other capabilities other than focusing on growing it. It goes towards the government not looking at how to grow its grassroots capability."
Asked why Australian public sector bodies tended to almost automatically plump for an external solution when it came to technology — even though there are many worthy local contenders — McCarthy said once again "we are still talking about technology and organisations in the public sector looking at technology solutions rather than at the outcome, and how they can look to provide business resiliency, as well as how to quickly and effectively solving it".
McCarthy said he had referred to developing human intelligence to improve the country's cyber security posture because humans were ultimately the ones operating technology and driving breaches.
"You have to keep in mind that there are people at the end of keyboards trying to extract something from systems and for their financial gain," he said. "If you are going to fight at the technical rather than human level, you are not going to satisfy the ultimate objective to make the economy resilient.
"We need intelligent humans to interpret complex information from technology, which is just a tool - otherwise we are relying on machines to respond to threats within a dynamic environment. And that means we'll be fighting a losing battle.
"We've lost sight of focusing on what the problems are and dealing with that methodically with smart people first and foremost, and we are instead racing to technology as the silver bullet, but that's not the answer.
"Tech is just a tool to enable the solution and isn't often the 'gizmo' to solve their problems. But you need human intelligence to give the future of our country's cyber security capability a chance."