Next

Security spotlight:
The cost of human
error and the advantages
of automation
Why organisations are reconsidering manual approaches to managing security,
and how intelligent automation helps to prevent potential threats from slipping
through costly cracks.
 Previous Next

In this eBook:

2

01 Introduction
Cybercrime is on the rise
Cybercrime is rife right now. As companies
embrace digital transformation and adapt to
hybrid models of work, cyber attackers are
on the move, too. One can almost hear them
rubbing their hands together at the prospect
of invading this rapidly evolving landscape.
The cost to business is growing fast and, even
within organisations with seemingly watertight
cybersecurity strategies in place, risks abound.
Last financial year, the Australian Cyber Security
Centre received over 67,500 reports of
cybercrime – a rise of 13 year on year – with
self-reported losses totalling over $33 billion.
Of these incidents, roughly one quarter of them
affected entities associated with Australia’s
critical infrastructure.
Outwitting the cybercriminals
As cybercriminals become craftier, organisations
must become smarter about how they handle
cybersecurity. In fact, there’s growing pressure on
organisations to comply with more comprehensive
rules and regulations when it comes to data
security and privacy.
Ouch. The cost of cybercrime in Australia.
67,500
Reported cyberattacks
$33 billion
In self-reported losses
13
Growth in number of attacks, YOY
Source: ACSC Annual Cyber Threat Report, 2020-21
Previous Next
For example, most Australian federal government
agencies must now comply with the ACSC Essential
Eight risk mitigation strategies. And the proposed
Security Legislation Amendment (Critical
Infrastructure Bill) 2020 (Cth) may increase the
regulatory burden on any organisation that deals
with critical infrastructure – from communications
and financial services companies, to food and
grocery providers.
Shoring up your defences
The best place to start with cybersecurity?
Looking at where existing flaws lie. Too often,
even with the strongest cybersecurity strategies
in place, human error gets in the way of compliance.
Small mistakes lead to huge holes in your system,
and this is where the cybercriminals get through.
It’s why organisations are now looking to automate
as much of their security strategy as possible.
In this report, we’ll explore the human-induced
risks in the fight against cybercrime and show
how automating key cybersecurity risk mitigation
strategies helps remove the burden on IT while
shoring up your overall defences.
3

02 Security is
a human problem
Humans make mistakes
We are an optimistic species. Guided by a ‘glass
half full’ attitude, we often underestimate or
misinterpret risk. For example, many believe
flying is more dangerous than driving. In reality,
the likelihood of fatality from a car accident is far
higher than the likelihood of a plane crash.
What does this have to do with cybersecurity?
Our inability to accurately assess risk has a huge
impact on security. For example, say a technician
manually updates a firewall. They make one
small mistake, which they don’t perceive to be
a problem. Yet this tiny error exposes a critical
vulnerability, which the cybercriminals quickly
pounce on.
From patching applications and updating firewalls,
to setting and enforcing administrative privileges,
so many elements of the security puzzle are at
risk of human error. And as cybercriminals get
better at identifying human vulnerabilities,
these human errors can have detrimental or
irrecoverable consequences.
Oops. Humans aren’t perfect.
“Inadvertent breaches from human
error and system glitches were the
cause for nearly half (49 ) of the
data breaches.”
Source: IBM Cost of a Data Breach Report, 2019
Previous Next
Skills shortages make things worse
Compounding the issue of human error is the
fact that cybersecurity skills are in short supply.
There are simply not enough people out
there who truly understand how to assess and
address security risks. According to the (ISC)²
Cybersecurity Workforce Study, Australia needs
25,000 more cyber security workers to close its
cyber security gap.
This chronic shortage of cybersecurity experts
makes it hard for organisations to adequately
manage risk. Resources are stretched, and IT
professionals don’t have the time to enforce
security processes across the organisation –
let alone establish them in the first place.
Augmenting it all with automation
To solve the twin problems of human error and
skills shortages, automation is proving essential
in the fight against cybercrime. As we will explore
below, it provides much-needed consistency,
accuracy and scalability across the organisation.
4

03 Common challenges
Today’s security legislation
requires automation
To counter the growing threat of cybercrime,
regulators are tightening the rules for companies
that deal with data. Organisations need to be ready.
The proposed changes to the Critical Infrastructure
Bill 2020, for example, could affect thousands
of organisations in Australia – adding a new layer
of responsibility around security and reporting
on infrastructure.
Failure to adhere to the rules could give
government the power to take over the reins
of a company until they can prove an ability to
operate securely again.
Common cybersecurity challenges
Previous Next
Yet organisations face a range of obstacles
In the quest to enhance security, organisations face
several challenges – particularly around how to
manage change. Common questions include:
• How do we scale our team to implement a new
cybersecurity initiative?
• How do we support different parts of the
organisation to ensure new security protocols
are adhered to?
•How do we better secure our existing legacy
systems, which delivery critical services,
while maintaining the new levels of security
the organisation demands?
• Can we implement strategies like zero trust on
legacy architectures?
Instead of seeing all this as a burden, though,
organisations can view proposed rules and growing
threats as an opportunity to reassess their security
practice and implement more rigorous protocols.
38
Keeping up with rapidly changing threats
34
Educating about risk and behaviour
31
Shoring up internal cyber security posture
30
Need for cybersecurity training
30
Legal/financial ramifications of data breaches
Source: CompTIA, State of the Channel 2021
5
 Previous Next

04 Security automation
Automating key elements of your
cybersecurity strategy
To reduce risk and help combat cybercrime,
organisations are turning to cybersecurity
automation. By automating mundane,
repeatable work, cybersecurity teams can focus
on more critical, strategic tasks. Plus, automation
helps overcome the obstacles that arise due to
both human error and human limitations.
Let’s use the ACSC Essential Eight as an example
of how automation can support security strategies.
Even though this framework was originally intended
for government agencies, more organisations are
turning to the Essential Eight for risk management.
And many are finding that, while it provides
a valuable framework, it does not deliver a way to
consistently reduce human error – especially in
this period of constrained resources, higher demand
for technical skills, and lack of skilled employees.
Increasingly, IT leaders are realising that some
elements of the framework can and should be
automated. Here are some examples of where
automation makes sense.

Automating the ACSC Essential Eight

Application control Application and operating Backup and restore

Automated changes to
application control state
across the hybrid cloud
system patching
Automated backup,
Automated pre-flight checks, restore and verification testing
content promotion,
and post-update verification
and testing

6

Perfecting the process of patching
For example, to help prevent attacks, the Essential
Eight recommends that organisations patch
applications and regularly apply updates to protect
against malicious security issues. It’s not only best
practice to patch applications as soon as you’re
alerted to updates, but it’s often a regulatory
requirement too. The problem is, patching is
always subject to human error and it can take
a huge amount of time in large organisations.
Patching is a great use case for automated
workflows. Instead of relying on an IT employee
to perform testing, set up pre-flight checks and
run the patches, it’s now possible to automate
verification and testing – so it all happens smoothly,
seamlessly, and securely behind the scenes.
“It is simply unrealistic to expect human teams to catch
potential cybersecurity events reliably. Implementing
automation could be vital in order to reliably protect
your organisation and ensure resilience through robust
and repeatable processes.”
Source: Forbes, 2019, Is cybersecurity automation the future?
Previous Next
Managing administrative privileges
To limit the extent of attacks, the Essential Eight
recommends that you restrict administrative
privileges. Controlling privileged access helps
secure infrastructure and applications, run business
processes efficiently, and maintain the confidentiality
of sensitive data and critical infrastructure.
Only a small handful of people within your
organisation should have global control.
Working out who should have privileges is hard;
creating a small ‘blast zone’, so that if someone
misuses their credentials it doesn’t affect the
whole organisation, can be harder.
By automating privileged access management
workflows and storing access credentials centrally
– without needing to inject these into applications
where they can potentially be leaked – the whole
process becomes much simpler and more reliable.
7
 Previous Next

05 Red Hat’s role

Building a future-proofed cybersecurity practice
The Red Hat platform automates previously manual processes, helping to mitigate the risk of oversights
caused by human-based constraints. The open-source solution delivers flexibility and scalability across
clouds and architectures, enabling organisations to deploy in their current and future environments.
With automation at the pinnacle of any cybersecurity maturity model, the good news is there are
practical steps that any organisation can take today to iteratively add layers of automation, and strip out
manual processes. Here’s how key Red Hat solutions can help with both risk mitigation and response.

Red Hat Ansible Automation Platform
Red Hat Ansible is a human-readable automation
language that takes complex manual processes
and turns them into automated workflows.
It automates and integrates different security
solutions that can investigate and respond to
threats across the enterprise in a coordinated,
unified way using a curated collection of modules,
roles and playbooks.
For example, Red Hat Ansible automates:
Red Hat Enterprise Linux (RHEL)
RHEL takes a practical, 3-point approach to
addressing security challenges: mitigate, secure,
and comply.
Scanning and remediation is built-in to RHEL,
removing the burden of manual effort. Application
control is a critical risk mitigation strategy in the
ACSC Essential Eight guide, which helps ensure
that non-approved applications – including
malicious code – are prevented from executing.

• Patching for common vulnerabilities and exposures

•A
 pplication control updates for new applications
• Backup and restore/verification processes

8
Securing your future
Red Hat is here to help secure your organisation’s future
No business leader wants to face the scrutiny of their Board
following a cyber attack that results from human error or a lack of
the right risk mitigation strategies. Red Hat can help you plan and
implement a solid cybersecurity framework – so you can state with
confidence that your organisation is doing all it can to reduce the
risk or severity of an attack.