Cyber security. It’s the one issue that’s united Australia’s political and business leadership, galvanised into action to counter the threat posed by global criminal syndicates.
A dramatic increase in the frequency and ferocity of cyber-attacks against Australian businesses and organisations has also spurred authorities into action. Of course the high-profile cyber breaches against Medibank and Optus – which compromised the data of millions of Australians – put the issue firmly on the front page.
The response from the Australian Government – led by the Minister for Home Affairs Clare O’Neil – has been swift and far-reaching. The Minister is overseeing a major revamp of the mega Home Affairs Department to ensure it is better able to respond to the threat posed by cyber criminals. Likewise, Australia’s military and intelligence agencies are bolstering their cyber capability, aware that attacks launched by State-sponsored criminals – particularly from North Korea, China, Russia, and Iran – represent an existential threat to national security.
Critically the Medibank/Optus breaches drove home to the public that cyber security – previously the domain of tech boffins and IT nerds – is now an issue that everyone needs to take seriously.
Suddenly cyber is the new black.
There is no doubt the data breaches against Medibank and Optus – the worst in Australian history – were a wake-up call for many company directors who’d previously considered cyber an esoteric issue, best left to IT specialists. Perhaps it has been the spectre of much steeper fines that have spurred company boards into action.
It is now a fundamental tenet of doing business: ensuring that you are equipped to protect customer data, ensure critical infrastructure is safe from cyber-attacks, and prevent cyber criminals from launching damaging DDoS (distributed denial of service) attacks that can effectively freeze IT networks and cause them to close.
To quote Prime Minister, Anthony Albanese: “For businesses these days, cyber security is as important and essential as the shop having a lock on the door. We need all Australian businesses to be able to protect themselves and – just as importantly – protect their customers.”
The damage caused by the attacks against Optus and Medibank is still to be quantified but there is little doubt it completely consumed the Boards and Leadership teams of both companies and had an immediate impact on corporate reputation from which both are endeavouring to recover.
Importantly the cyber-attacks also prompted a public debate about ransomware attacks. Should corporations pay cyber terrorists threatening to release damaging data files?
SEC Newgate research shows just 23 percent of the 1,500 people surveyed in our recent Mood of the Nation sample support paying ransomware. Against that, 49 percent of those surveyed don’t want companies to reward criminals. The results are clear – and in line with the Albanese Government which also opposes companies forking out ransomware payments.
All of which underscores the need for business executives and company directors to realise there is no longer any excuse for not taking cyber seriously.
To remain viable companies will need to build cyber resilience and have the resources in place to respond to attacks by increasingly sophisticated cyber-criminal gangs.
If Australia is to become, as the Albanese Government hopes, the most cyber aware nation by 2030 then it is imperative for business to step up and put in place systems and procedures to ward off cyber criminals.
To do nothing – to be indifferent to the overwhelming threat posed by data thieves – is no longer an option. The threat is too great, the warnings too frequent.
Businesses must be on alert and build cyber resilience as a matter of urgency. Otherwise, the consequences will be devastating.
Just ask Medibank and Optus.
Contact us for more information about how SEC Newgate’s Cyber/Comms service can help you.