The Australian Cyber Security Centre and global big data aggregator and analysis vendor Splunk teamed up to host what is claimed to be the world's largest ever cyber security challenge.
Security analysts and engineers from industry, academia and government across Sydney, Melbourne, Brisbane, Perth, Adelaide and Canberra tested themselves using Splunk and other security tools and techniques, racing to hunt the threat and report their findings, with points awarded for speed and technique.
“You cannot underestimate the significance of this event in educating and encouraging a superior cyber security skillset in Australia,” said Alastair MacGibbon, head of the ACSC. “As the threats evolve, so must our response.”
Cyber crime is an ever-increasing problem in our highly-connected world and the ACSC says it costs the Australian economy up to $1 billion per year, as well as damaging reputation, well-being, and business and employment opportunities.
“Every incident and scenario in this cyber challenge is based on something that Australians, as customers or security analysts, are likely to have seen or experienced,” MacGibbon said. “But what is the best and quickest answer to the threat?”
The mission can be compared to hunting for a needle in a haystack.
“This event speaks to the whole mission of the ACSC, which is to bring people together across the nation to test and improve their technical skills and, in doing so, raise the cyber security resilience of Australia,” MacGibbon said.
"The challenge improves and tests technical skills, raising the cyber-resilience of Australia," said Simon Eid, Area Vice President, Australia and New Zealand, Splunk. "It brings it all together across government, academia, industry and secret agencies, to make a difference and educate the teams and upskill all those skillsets."
Splunk continues to enjoy growth in Australia, with staff numbers growing from 15 to triple digits over the last three years.
As part of its ongoing Splunk4Good programme making Splunk software and expertise available to education, Eid announced a collaboration with Box Hill TAFE that will see Splunk software being used in the TAFE's cyber security offerings.
Splunk's use in Australia is fairly evenly divided between security and IT operations, Eid explained, saying, "A lot of security data is IT operational data also. The biggest challenge for many companies is their data is in different spots and it is difficult to get an end-to-end visibility of this data with different lenses for security use cases and IT operations use cases. Splunk takes a data-driven approach which makes us unique in the marketplace."
"The traditional SIEM (Security Incident and Event Management) approach doesn't give an organisation protection. Having data in one spot applicable to security and IT operations is making a big difference to our customers, converging to give true end-to-end visibility of infrastructure and applications and their security posture to understand risks."