Authomize is excited to officially announce the availability of its Identity Threat Detection and Response Platform via Microsoft data centers located in Australia.
By making the move to Australia-based cloud centers, Authomize is meeting local data sovereignty and compliance regulations, clearing the way for Australian organizations to start using the platform. The presence in Australian data centers has been operational since November, offering customers the same high availability and scalability level of Authomize’s global infrastructure.
This investment is driven by customer demand in Australia, particularly in the finance and insurance sectors, as well as Authomize’s ongoing relationship with the Australian government.
Much of this demand has been driven by the evolving threat landscape facing Australian organizations following a rash of data breaches, which in turn has led to a renewed effort by the government to call for higher levels of security practices by the industry.
A Sharp Rise in Data Breaches in 2022
According to the Australian Cyber Security Centre (ACSC), there were 76,000 cyber incidents reported in 2022, marking a 13% increase from the year before.
The attacks have led to the theft and exposure of personal data belonging to millions of Australians, drawing a harsh response from government officials.
In recent statements, Australia’s Minister for Home Affairs and Cybersecurity Clare O’Neil said that the Medicare, Optus and Latitude data breaches were only the “tip of the iceberg” in the cyber threats Australia faced in the years ahead.
Government officials, including O’Neil say that the perpetrators of the attacks against Australian organizations are a combination of both state and criminal groups. With tensions rising with China following the signing of the newish AUKUS defense pact with the United States and the United Kingdom, concerns have grown that China’s robust cyber forces may turn more of their attention to their neighbors to the south.
Minister O’Neil has been perhaps the most vocal critic of the state of cybersecurity affairs in Australia, calling out industry for failing to meet what she has described as basic steps that could be taken to protect their customers’ data.
In a statement following one of the major incidents of the past year, O’Neil told parliament that, “Responsibility for the security breach rests with Optus and I want to note that the breach is of a nature that we should not expect to see in a large telecommunications provider in this country.”
In hopes of raising the level of defenses, O’Neil has begun an effort to restructure Australia’s cybersecurity posture and response capabilities. Part of this effort has revolved around encouraging organizations to implement the measures of the Essential Eight Maturity Model.
The Essential Eight Maturity Model
This model lays out eight areas of security processes for organizations to measure themselves against, helping them to understand where they are in terms of vulnerability and aim for where they should be if they hope to be more secure.
The eight areas are:
- Application control
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
- Regular backups
According to reporting by the government, there has been some improvement in adoption rates in 2022 with 11% declaring that they have achieved Maturity Level 2, up from 4% in 2021. So while the numbers are low, there is movement.
If Australian organizations hope to meet the basic standards of Level 2 on their path to Level 3, they are going to have to step up their game.
This is where Authomize can help.
Securing Identity and Access
The two key areas where Authomize’s Identity Threat Detection and Response (ITDR) Platform can play a measurable role for meeting Essential Eight requirements are in restricting administrative privileges and multi-factor authentication.
Offering unprecedented visibility and continuous monitoring across all identities, access privileges, assets, and the usage of access activity, Authomize enables organizations to easily reign in their privileges in line with Least Privilege principles.
By taking a usage-based approach to understanding who has access privileges to which assets, and how those privileges are being used, Authomize provides decision makers with contextual identity intelligence to help them revoke stale and risky excessive privileges.
This intelligence, including if an admin has MFA enabled, is already being used by Microsoft Identity Protection customers to enrich their Risky Users data, helping them to understand who their most at risk identities are in order to better protect them.
As a leader in ITDR, Authomize capitalizes on comprehensive visibility into the identity and access management (IAM) infrastructure like your Identity Provider (IdP) to detect risks and active threats. By connecting to all of the cloud infrastructures and apps in your environments, Authomize extends the visibility of your identity management solutions for stronger security controls.
Continuing Global Expansion
The Australian data center joins Authomize’s AWS and Azure sites throughout the US and other global locations, marking a new opportunity not only for Authomize’s customers but also for its partners.
“Authomize continues to build its offering to be easily accessible through partners, MSSPs, and cloud providers’ marketplaces,” says Authomize’s Chief Business Officer Ariel Cohen. “In the coming weeks we hope to announce additional local deployments to keep up with customer demands, including in the UK.”
To learn more about Authomize, ITDR, and how to secure your identities in the cloud, contact us or schedule a meeting with us at RSA.