The interest in centralised logging within the Australian domestic market at this year’s CyberCon Australia was stronger than we’ve seen over the last decade.
After sitting down and talking with several cyber leaders from this region, we discovered four common themes:
The Essential 8
No surprise here really. With the recent activity in the Australian domestic space, people were seeking to understand how to best meet the logging requirements of the Essential 8.
A core tenet of the Essential 8 requires that all the assets you manage must generate and record logs. This means storing and protecting all the activity that occurs on your network devices, servers and desktops over an extended period of time for both threat recognition and forensic purposes.
Snare provides a solution that allows you to gather and store your server, device, application and desktop logs in a cost effective and easy to use appliance.
Reducing the Cost of Logging
Another very high priority this year. Discussions revolved around reducing the ever-increasing SIEM ingestion costs that organisations are facing as their logging requirements continue to grow in both volume and scope. Many saw this as their greatest challenge, as budgets are being heavily impacted, but compromising on what is collected is not an option.
Snare’s solution provides you with the capability to significantly reduce the impact of centrally managing your logged data while remaining complementary to your current SIEM solution.
Plugging the Holes In Logging
Plugging holes was closely tied to the costs associated with ingestion. As organisations begin to assess their compliance, they are starting to identify holes in their current logging strategy. In some cases the technologies they are using don’t cover everything they need to be compliant. In other cases, their current tech just can’t handle the event volumes thrown at it. Then there were those who believed they couldn’t afford to plug the holes and cover what was needed.
Snare’s solution is designed to help resolve these issues and more. Snare Agents are constantly updated to meet the evolving challenges of the modern information technology landscape. They filter out the noise and ensure that you don’t miss an event. With no ingestion costs you’ll be able to cost effectively collect the needed forensics from all systems and applications in your environment while also addressing your compliance requirements.
Events over the last few years have really reinforced the value of sovereign capabilities, and this was a topic that came up in most discussions we had during the conference. The drivers were both external and intrinsic for many organisations. Board level interest in Australian-built solutions was coupled with a State and Federal level push for sovereign tech, particularly in the security ecosphere.
As one person put it:
“We constantly remind people that we need to ensure that the Aussie data we manage remains under sovereign control; yet some are willing to put that data at risk by using technologies from people that aren’t subject to our laws, regulations and controls”.
As a proud Australian company supporting the National Defence of many nations, we were not surprised by the increased interest in sovereign technology in Cyber.
For us this was the strongest recognition of the value of solutions developed in Australia that we have yet experienced in the 23-year history of our company. Australia has considerable talent, and this truly was great to hear.