GUEST OPINION: After the multiple high-profile cyberattacks of late 2022, Australian companies and their customers would be forgiven for thinking they would get through 2023 relatively unscathed. But we were proved very wrong in the lead-up to Summer with three stark reminders that our critical IT and network infrastructure remains vulnerable to both outages and hackers.
You will recall that one of our leading telco networks, Optus, went down, taking its CEO in its wake, and that we faced the possibility of Christmas being cancelled because ports operator DP World was subject to a cyberattack that left parcels stranded.
Of course, both incidents passed relatively quickly, but not without a great deal of angst and financial pain. Then, just before Christmas, St Vincent’s Health was hit by a cyberattack that put patient data at risk.
As we enter 2024, we in the IT infrastructure industry must let the collective memory of these incidents serve as an important post-holiday wake-up call to be more vigilant than ever to protect our critical IT infrastructure and to recover fast when, inevitably, it does take a hit.
|
Many a CTO watched these incidents with a mixture of sympathy for the companies affected and deep gratitude that it wasn’t them on the hook. But with cyber threats becoming ever more sophisticated and access to critical infrastructure such as connectivity becoming perceived as a basic human right, a “there but for the Grace of God, go I” approach is simply not going to cut it in 2024.
So, what needs to be done?
On the network side of things, we can both say with confidence that we have never seen a fully robust network in our almost 50-year collective careers. So, we would caution any telco or network-reliant company declaring that they will never have a network outage again. There will always be a weak spot, something that can bring the whole network down.
Traditionally the wider IT community has taken network for granted and has just assumed it’s a simple case of “shove data packets in there and they’ll fall at the other end in the right order”. Thankfully, network resiliency is now recognised as a central part of ICT strategy: after all, the network sees everything.
Being prepared for network failure means several things for enterprises. For a start, there’s having another ISP ready if yours falls over, configuring your systems correctly so that if one goes down, the other kicks in seamlessly, and having another backup, such as 5G.
Then there’s configuration. For instance, are your dark fibres all coming into your main distribution frame (MDF) from different directions, or are they all coming from one side so that when a rogue tradie puts his shovel through your fibre, your network becomes non-functioning? And how does that scale throughout your entire internal network?
These are the kinds of fundamental questions that can only be answered with joined-up ICT departments and systems that talk effectively to each other. It is why all our technology practices within Kyndryl work together to ensure the business continuity and business impact plans we develop with customers cover all bases and are able to be quickly implemented when it really matters (such as at 11pm on Christmas Eve, hypothetically speaking).
Then we test, test, and test the plans again. That’s what we encourage enterprises to do in 2024, all the while considering the most fundamental question: is your back-end infrastructure actually outdated and unsuited to cope with the explosion of both data volumes and cyber risk? If so, that is a whole other conversation and one you should not shy away from.
We expect more and more businesses and government departments to embrace and make IT infrastructure modernisation a key priority in 2024 because, without fit-for-purpose infrastructure, it could be your network that falls over or your operations that get stopped – and your organisation ends up on the front page for all the wrong reasons.