Security Leadership

The Latest

28 October 2021: The US Senate voted unanimously to deny Huawei and ZTE from supplying equipment to US enterprises due to national security threats that would violate the Secure Equipment Act. Once approved by Pres. Joe Biden, the companies will not be granted equipment licenses by the Federal Communications Commission (FCC) under its ‘Covered Equipment or Services List’. A few days before, the Federal Bureau of Investigation (FBI) raided PAX Technology's Jacksonville warehouse after reports of alleged transmission of malware through the Chinese manufacturer's point-of-sale (PoS) terminals.

Why it’s Important.

As a member of Five Eyes (FVEY), an alliance of countries including Canada, New Zealand, the UK and the US, for joint cooperation in signals, military and human intelligence, Australia has previously followed the US in cutting off suspicious foreign tech companies' domestic presence due to national security concerns.

  • Australia blacklisted Huawei and ZTE in 2018 from selling 5G equipment. The two firms vehemently dismissed accusations over high-speed mobile network espionage, citing discriminatory tactics even with a no-backdoor agreement. 
  • In the same year, the Australian Defence Department banned messaging and payment app WeChat for failing to meet the organisation's standards for use on networks and mobile devices but not necessarily because of security and privacy issues.
  • In late October 2021, PoS terminals from PAX were detected sending anomalous network traffic, which has seen formal requests to replace the equipment due to security concerns. 

The fundamental issue here is supply chain security - the ability of nation state actors to inject spyware (or other malware) into equipment that is broadly used globally. Even where the security risks are not validated, the potential remains. It must also be noted that in the recent past, allies of Australia have engaged in such activities.

With the current geopolitics on global telecommunications being influenced by the US, sweeping impacts on the global supply chain and reduced competition in the market are likely.  

IBRS expects this technology supply spat will expand into areas outside of telecommunications, such as industrial control systems and PoS. Any widespread technology that can be used to impact or monitor aspects of national economies are likely targets.

Who’s impacted

  • Telecommunications procurement

What’s Next?

For organisations considering foreign-manufactured tech products and services, look more closely at the implications of selecting such equipment or platforms. While there is still no public evidence on the credibility of allegations against specific state actors, senior leaders must take security concerns in their organisation and assess the risks they are willing to take when selecting any vendor.

In addition to the security risks, there are also reputational risks, and risks associated with having to replace key solutions, such as is the case with the PAX PoS hardware.

Related IBRS Advisory

  1. Choosing Huawei could be risky - but not why you think
  2. Are you FRUSTRATED with procurement? Why procurement often goes off the rails

The Latest

11 May 2021: Jamf is a market leader in Apple iOS device management, with a strong presence in education. It has announced its intention to acquire the zero-trust end-point security vendor Wandera. 

Why it’s Important

Vendors in the device management have two options for continued growth: add new services and grow horizontally within their market (as in VMWare), or specialise in increasingly niche areas. Jamf has remained firmly entrenched in providing Apple device management, so it is a niche (though important) player in device management. Its acquisition of Wandera, hot on the heels of its purchase of Mondad, will broaden its base and help cement its position against the broader players. 

Who’s impacted

  • End user computing/digital workspace teams
  • Security teams

What’s Next?

Globally, the move to working from home saw an uplift in Apple products being connected to enterprise (work) environments. Citing IDC, Jamf reports the penetration of macOS in 2019 was around 17%, and during 2020 this increased to 23%. In addition, globally 49% of smartphones connecting to work environments remain iOS, though this is slightly lower in Australia, where Android has gained small market share in a tight market last year. 

The challenge with supporting a mixed device ecosystem (Windows, Android, macOS, iOS, Chrome) is now more than just securing the end-point, but the entire information ecosystem. VPNs in particular proved difficult to scale and adapt to a myriad of end points. The need to patch reliability and manage software also becomes significantly difficult due to differing rates of change, patch cycles and tools needed. 

Jamf’s acquisition of Wandera will not eliminate these challenges completely, but will at least simplify the Apple slice of the situation. 

Related IBRS Advisory

  1. Requirements Check-List for Mobile Device Management Solutions
  2. Embracing security evolution with zero trust networking

The Latest

To cater for organisations with requirements to keep data in-country, VMware has opened a Sydney based Point of Presence (PoP) for Carbon Black Cloud in the AWS Sydney data centre. Carbon Black Cloud offers end-point security, which provides behaviour based analysis of devices. 

Why it’s Important

The market for end-point security based on behavioural analytics is growing quickly. However, it relies upon hyper scale Cloud or Cloud-like resources. The paradox is that risk-averse organisations that can benefit from this type of endpoint protection are reticent to allow as-a-Service solutions not based domestically to have access to sensitive information about their staff activities. By opening a Sydney based PoP for Carbon Black Cloud, VMware removes a policy barrier to this type of end-point security. 

Who’s Impacted

  • Desktop / digital workplace leads
  • CISO / security teams

What’s Next?

Carbon Black Cloud is one of a growing list of technology offerings in end-point security that leverage Cloud computing and AI. This market will grow rapidly as remote and hybrid working environments become a permanent part of the economy. And rightly so. In principle, IBRS does not see that data geolocation (keeping data domestically) significantly improves an organisation’s security stance, though it may provide regulatory compliance. Latency issues, especially for high-volume services, are also a consideration.

In practice, many organisations still need to address legacy policy regarding information management, and so the trend towards vendors setting up local data processing operations will continue..  

Related IBRS Advisory

  1. Embracing security evolution with zero trust networking
  2. What is the security agenda for 2019?
  3. When it comes to security, when is enough... enough?