Latest news with #security strategy
South China Morning Post
21 hours ago
- Politics
- South China Morning Post
Australia, Philippines stage largest-ever drills: ‘denial of China's aggression'
Off the shores of Palawan, more than 3,600 troops from Australia and the Philippines are taking part in their largest-ever military drills, marking a decisive shift in Canberra's Indo-Pacific security strategy. Advertisement Exercise Alon, launched on Friday, is taking place less than 300 nautical miles (555km) from the Philippine-held Thitu Island in the Spratly archipelago – an area at the heart of escalating territorial disputes in the South China Sea Beijing claims the Spratly island group alongside almost all of the contested waterway – claims disputed by the Philippines, Vietnam, Malaysia and Brunei, among others. Named after the Filipino word for 'wave', Alon encompasses live-fire drills, amphibious landings, air support operations and special forces manoeuvres. Among the Australian assets deployed are a guided-missile destroyer, F/A-18 fighter jets, Javelin anti-tank missiles and C-130 transport aircraft. Australian troops gesture as Philippine frigate BRP Jose Rizal sails past the Australian destroyer HMAS Brisbane during Exercise Alon earlier this month. Photo: Australia's Defence Department Observers from the US, Canada, Japan, South Korea, New Zealand and Indonesia are attending the drills, which are scheduled to conclude on August 29. Advertisement
Forbes
12-08-2025
- Business
- Forbes
Cyber Resilience Must Become The Third Pillar Of Security Strategy
For years, enterprise security has been built around two main pillars: prevention and detection. Firewalls, endpoint protection, and intrusion detection systems all aim to stop attackers before they do damage. But as threats grow more sophisticated, it's clear that this isn't enough. 'Cloud insecurity is inevitable,' says Kavitha Mariappan, chief transformation officer at Rubrik. The phrase reflects a shift in mindset taking hold across the industry: breaches will happen, and organizations need to prepare to recover as quickly and completely as possible. That requires elevating cyber resilience to stand alongside prevention and detection as an equal pillar of security strategy. Why Resilience Matters Now Mariappan has spent years in the prevention-and-detection world and understands its limits. 'We've built entire strategies around stopping attacks, with the belief that all attacks are preventable. They're not,' she says. Richard Stiennon, chief research analyst at IT-Harvest, sees Mariappan's approach as a natural progression that he describes as hyper-layers of defense. 'Prevention is always the best and provides immediate benefits. While needed, detection opens a can of worms and adds to workloads. If all else fails, the resilience layer ensures that the impact of a successful breach is minimized or at least contained.' Attackers today exploit sprawling, complex environments that span on-premises systems, multiple clouds, and hundreds of SaaS apps. Even the best defenses can't block every breach, whether it's from ransomware, insider threats, or supply chain compromises. Resilience — the ability to minimize damage, restore operations quickly, and maintain business continuity — is what keeps an incident from becoming a crisis. The Cloud Responsibility Gap The shift to cloud computing has created dangerous assumptions. Many organizations believe that moving workloads to AWS, Azure, or Google Cloud means the provider 'takes care of security.' While hyperscalers secure their infrastructure, customers are responsible for protecting their own data, configurations, and access. Think of it like a car. The manufacturer builds the car with an accelerator and steering wheel to let you get where you want to go as quickly and efficiently as possible, as well as brakes and a seatbelt to empower you to do so safely. Whether or how you use the tools provided is up to you. The same is true for the capabilities and security controls of cloud infrastructure. The hyperscalers provide the framework, but they're not responsible for how – or if – you use them. Native cloud backup and recovery tools are often designed for operational mishaps — such as restoring accidentally deleted files — not for withstanding modern cyberattacks. Mariappan warns that they can lack the immutability, isolation, and advanced threat detection needed to survive ransomware or coordinated, multi-vector campaigns. Resilience by Design Effective resilience starts with rethinking backup as more than a compliance checkbox. Immutable, air-gapped copies prevent attackers from tampering with recovery points. Built-in threat detection can spot ransomware or other malicious activity before it spreads. But technology alone isn't enough. Mariappan urges leaders to identify the 'minimum viable business' — the essential applications, accounts, and configurations required to function after an incident. Recovery strategies should be built around restoring these first to reduce downtime and financial impact. She also stresses the importance of limiting the blast radius. In a cloud context, that might mean segmenting workloads, isolating credentials, or designing architectures that prevent a single compromised account from jeopardizing an entire environment. The Quantum Horizon While most resilience planning focuses on immediate threats, Mariappan points to the 'harvest now, decrypt later' risk posed by quantum computing. Attackers can steal encrypted data today, store it cheaply, and wait until quantum capabilities make decryption trivial. That makes encryption hygiene and proactive re-encryption critical — not just after an incident, but as an ongoing practice. 'If the data was already taken, updating your encryption now is too late,' Mariappan notes. Breaking Down Silos Resilience planning often stalls because it lives in the wrong place. Backup and recovery budgets sit in IT infrastructure, while security teams focus on preventing attacks. Risk officers may own the broader business continuity mandate, but lack direct control over technical safeguards. Mariappan believes resilience should be a shared responsibility across IT, security, risk, and compliance — with executive and board-level engagement. 'This is no longer just an infrastructure problem,' she says. 'It's critical to the viability of the organization and the management of reputational risk.' Assume Breach The new playbook, she argues, is simple: assume breach. That means designing systems, processes, and teams to respond as if an attack has already succeeded. The goal is not to eliminate risk entirely — an impossible task — but to ensure the organization can recover without catastrophic losses. There's a cost to building resilience. It competes for budget with other security priorities. But the cost of not investing — weeks or months of downtime, regulatory penalties, damaged customer trust — is far higher. Mariappan puts it bluntly: 'More detection and prevention tools are not going to keep you 100% safe. Cyber resilience must be a first-class citizen in your security and risk strategy.'
