Home / Business / Articles / Cyber security – A growing but manageable threat

More articles in this series:
A growing recognition
Cyber resilience - A good place to start
Review your processes
When private information gets splashed around the internet

The digital age presents opportunities and challenges for businesses, organisations and individuals alike. Undoubtedly, those who prefer to be at the cutting edge of technological implementation reap the benefits of which there are many. However, those who prefer to refrain from implementing the latest technologies can find that they face some negative consequences of “digital disruption” which can vary in significance and importance. (The term “disruption” can be a bit misleading but it generally refers to the effects of digital change.) On the other hand, implementing the latest technologies does present significant exposure to Cyber Security (CS) threats, the sort that feature heavily in the media.

This article is the first in our Cyber Security Series which will discuss many aspects of this seemingly impossible labyrinth of information.

The extent of the problem

We have all witnessed the rapid expansion and implementation of digital technologies during the last 20 years. A combination of general criminal intent or malicious motivation and astronomical amounts of money in the offing, has led to an explosion in the number and sophistication of cyber attacks across global networks.

Several findings from the 2015 Cyber Security Survey across Australia's major businesses uncovered:
bullet50% of respondents experienced at least one incident of cyber threat in 2015
bullet11,733 incidents affecting businesses of which 218 affected critical national infrastructure
bulletIn terms of the significance of threats, ransomware was ranked the highest, followed breach of privacy and malicious emails.

Australian context

In response to the Financial Systems Inquiry in 2014, the government listed CS as one of its top security priorities. The former Cyber Security Strategy is being reviewed through collaborative efforts between the public and private sector. A new or updated public strategy statement is expected to be released later this year.

While Australia is yet to enact any legislation, various regulators have certainly increased their vigilance regarding cyber resilience and surveillance.

Cyber resilience

Cyber resilience is much more than just preventing or responding to an attack. There are a myriad of issues that may be encountered varying from relatively minor email intrusions to complete system outages and extensive data theft. What is important is the ability to prepare for, respond to, adapt and recover from a cyber attack, whatever its form.

Whilst organisations have varying legal and compliance obligations, the following are common CS obligations:
bulletEstablishing a CS risk management framework
bulletEnabling suitable people to act in the organisation’s best interests, with reasonable care and diligence
bulletEstablishing “reasonable steps” to protect personal information
bulletEnsuring internal and external stakeholders are aware of its implications and safeguards
bulletEnsuring agreements with third party providers dealing with:
     bulletprivacy
    bulletbusiness continuity
    bulletcompensation/insurance for cyber incidents.

We will be discussing a range of CS issues in forthcoming bulletins. We would be delighted to discuss your organisation's CS framework.

 

 

Murray Nicholls

New to Saward Dawson? Book a free 30 minute consultation

We happily spend 30 minutes without charge with new contacts to explore relevant issues and outline how we can assist. Let us know your area of interest and we will arrange a specialist to meet with you.

Subscribe to e-bulletins

Subscribe Now

Stay Connected