Businesses remain united in the belief that security - and all it encompasses - stands tall as the overriding priority of the digital age.
But while the notion of securing the enterprise takes precedence across boardrooms in Australia, in reality, organisations remain weak on strategy, outlook and capabilities.
As such, a new breed of partner is emerging, as the channel grapples with changing market demands, new responsibilities and greater risk.
Currently, nearly a third of Australian organisations (32 per cent) have suffered a security breach in the past 12 months, prompted by a lack of interest from C-suite and directors at executive level.
Alluding to a lack of boardroom buy-in as the biggest security challenge facing businesses across the country, local organisations are proving to be from immune when protecting data and customers.
The perception is a market secured to the teeth however, with 78 per cent of Australian businesses currently housing a security incident plan. But all numbers aside, are such plans effective?
“I think it varies greatly across the market segments,” F5 Networks Manager of Systems Engineering A/NZ, Martyn Young, said.
“Australia there’s a handful of large accounts with considerable in-house expertise such as the telcos and banks which drive security policies internally.
“But as you move down the market you reach the more generalist IT sphere, where organisations don’t necessarily have a security guru on staff. They are the ones who require the most leadership and direction from partners.”
With staff and training regularly rated as overriding security concerns for companies during the next 12 months, alongside time and resource pressures for employees, Australian businesses are aimlessly ambling along, desperate to walk the security tightrope above a safety net.
“It depends on who the customer is,” Cisco General Manager of Security Sales A/NZ, Anthony Stitt, said. “What we need to see is a move away from that whole concept of ‘set and forget’ type security.
“The notion of building walls around a business, turning on a few switches and thinking everything is going to be okay is no longer enough for organisations.
“Organisations must make change and better understanding internal environments and practices. But it requires people and skills however, and they are always difficult to find in Australia.”
While Stitt acknowledges that progression is being made within the security space, a clear lack of strategic security planning continues to ensure organisations lurch from crisis to crisis.
“There’s not enough thought into business practices around security at present,” Fortinet Systems Engineering Team Lead, Krutartha Patel, added.
“Even though we read a lot about the threat landscape evolving, the reality is that these attacks are in fact happening, impacting not only the enterprise but small businesses also.
“I don’t think Australian businesses are doing enough to take a step back and evaluate whether they have efficient continuity plans in place. We’ve seen it from the Target attacks, people didn’t take any action even when the alarm bells were ringing and this needs to change in Australia.”
Following high-profile attacks such as Target, a more detailed evaluation of the challenges and gaps in the market is required, with organisations required to abandon reactive tactics in favour of proactive security thinking.
“While nobody wants to encourage cyber-attacks on any organisation, we find that is the only way to shock organisations into action,” Enosys Solutions Sales Director, Joseph Mesiti, said.
“Through mainstream media the profile of cyber security has risen enormously during the past few years, and it has helped drive boards to shift their focus onto how to better protect their digital assets.
“Executives are now educating themselves through the media and this is coming to the fore as they understand the implications of a breach.”
Mesiti said the recent unveiling of the Government’s $230 million cyber security strategy - aimed at enabling innovation, growth and prosperity - also helps bring the conversation to the centre table across Australia, as organisations begin to explore ways to advance and protect assets and interests.
But while conversations can be generated from Government statements such as the cyber security strategy, partners are becoming inundated with customers under threat from the influx of new technologies, causing disruption across all verticals and sectors.
“Customers need their little pockets of new data protected, whether that be on premise or in the Cloud, which brings new challenges,” Tecala founder and CTO, Dr Gleuto Serafim, explained.
“This is where the partner and vendor relationship is key because we need to know what is coming up. As a partner we have more experience sitting down with customers and we need to be enabled and equipped to overcome the new complexities of the market.”
With complexity comes greater challenges for the channel around selling security strategies to business owners and decision makers, such is the human tendency to reject hard truths.
“When you get a seat at the table, you never know whether they will take in your advice and feedback,” Hewlett Packard Enterprise South Pacific Network Consulting Manager, Chris Stradling, admitted.
“There’s always uncertainty around whether the customer will take the discussion to the next level. While you don’t want to play on the insecurities of a customer, there is a need to be strong and decisive in projecting the consequences of inaction.
“It’s a narrative that you serve to the customer, but this time it’s a real story.”
On the flip side however, Uplinx Group Security Practice Lead, Darren Lynn, believes that delivering bad news to customers is the easy part, “it’s whether they want to believe it or not” that proves difficult.