NZ Government urged to lead in tackling cyber challenges
Splunk's Vice President for Australia and New Zealand, Craig Bates, has highlighted the urgent need for New Zealand to establish consistent standards and centralised investment in cybersecurity.
Speaking to TechDay in an exclusive interview, Bates emphasised the critical role of Government regulations and proactive measures in staying ahead of evolving cyber threats.
Bates' role involves guiding customers in Australia and New Zealand to effectively use Splunk's platform for enhancing security and resilience.
"We believe that security and resilience are fundamentally data problems," Bates explained. "You can't protect what you can't see. Our job is to help our customers adopt our tools, enabling them to achieve comprehensive visibility across their technology operations and identify threats or vulnerabilities in their networks."
He believes the rapidly changing landscape of cyber threats is exacerbated by the dual-edged sword of artificial intelligence (AI) technology. "While AI can significantly reduce the cybersecurity skills gap by automating administrative tasks, it also lowers the barrier to entry for cybercriminals."
"AI represents an opportunity to solve the biggest challenge, which is the skills shortage," he stressed. "But it also lowers the barrier for cybercriminals, requiring organisations to be constantly on the front foot to defend themselves."
Bates added the complexity of cybersecurity is further compounded by an evolving regulatory environment. It comes as Governments worldwide are racing to develop standards that keep pace with technological advancements.
He highlighted the importance of Government guidance in this area.
"Effective cybersecurity requires a holistic approach. Prescriptive guidance around what's required for Government agencies and organisations is essential," Bates said. "We're seeing good steps towards this in Australia with the Security of Critical Infrastructure Act and related measures."
When discussing the cybersecurity landscape in Australia and New Zealand, Bates acknowledged the shared challenges, particularly the cybersecurity skills gap.
"It's the top challenge I hear from customers in Australia and New Zealand. AI can help move the needle, but we also need ongoing education and grassroots efforts with universities to build the necessary skill set," he said.
Despite these efforts, Bates believes more needs to be done in New Zealand.
He urged the New Zealand Government to establish consistent standards and centralised investment as a strategy to get ahead of cyber challenges.
"Traditional ways of procuring technology systems are too slow for how quickly the space is moving. We need standards around security information and events that enable consistent decision-making across a broader surface area," Bates explained.
"This approach reduces the effort required across multiple agencies and enhances overall security more quickly."
Bates' advice to the New Zealand Government includes fostering private-public partnerships to provide guidance on effective security postures.
He emphasised the need for standardisation, which can help reduce the skills gap and ensure more consistent cybersecurity practices.
"Without clear direction, it becomes difficult to fund and understand what needs to be done. Standardisation allows for better decision-making and leverages the benefits of scale."
Speaking with TechDay, Bates also touched on the significant impact of recent advancements in AI on data security in the ANZ region.
"AI is changing the game. It helps close the skills gap but also introduces new attack vectors. Organisations need to adapt quickly to these changes."
Reflecting on recent major data breaches, Bates stressed the need for fundamental cybersecurity practices.
"The core capabilities of organisations to have the greatest possible understanding and visibility of their environment are critical. These breaches highlight the importance of staying ahead in terms of security posture," he noted.
Bates reiterated the need for New Zealand to follow in the footsteps of industry leaders by establishing consistent standards and centralised investment in cybersecurity.
He believes that these steps will enable the Government and other organisations to move more proactively and stay ahead of cyber threats in what has become an increasingly digital world.