Thursday, 29 August 2019 01:13

Security firms question preparedness for defence against cyber criminals


Four of Australia’s security firms have questioned whether enough is being done to defend businesses and organisations against attacks by cybercriminals, in the wake of a report by the Office of the Australian Information Commissioner (OAIC) revealing that malicious or criminal attacks dominated data breaches over a three-month period to the end of June.

The questioning of Australia’s security preparedness follows the OAIC’s quarterly report that malicious or criminal attacks were the largest source of data breaches in Australia in the quarter, accounting for 62% of all data breaches.

Of these 151 data breaches, 69.5% involved cyber incidents such as phishing, malware or ransomware, brute-force attacks, or compromised or stolen credentials.

“The latest figures from the OAIC show that Australian organisations continue to struggle with the increased presence of cyber threats,” says Bede Hackney, ANZ Country Manager, Tenable.

“The reported 245 breaches is still high considering personal, healthcare and financial information are high-value assets that can be monetised by cybercriminals.”

And Hackney said Australian organisations have a duty of care to protect customer information “and need to be vigilant with managing, measuring and reducing their cyber risk”.

“Malicious or criminal attacks again account for the highest proportion of breach notifications in Australia, followed by human error (34%) - this indicates Australian organisations aren’t investing in cybersecurity from both a technology and employee education perspective,” commented John Donovan, managing director ANZ at Sophos.

Commenting on the importance of cybersecurity and the ramifications for not prioritising it, Donovan said “by investing in these areas, organisations will be able to better block attacks and have a workforce that is attuned to cybersecurity issues”.

Mark Sinclair, ANZ Regional Director, WatchGuard Technologies, weighed in, saying that “this latest report suggests that in reality not much has changed over previous quarters”.

“Health still dominates as the top offending industry and more than 50 percent of breaches in healthcare continue to be because of human error.

“Healthcare providers need to invest in systems and user education to help prevent accidental data breach. They should also look at who has access to what information and consider removing the ability of repeat offenders to accidentally send out such information.

“Finance has always been second but the number of breach notifications has increased over the last quarter and this is due to an increase in breaches resulting in malicious activities.

“This matches what we are seeing worldwide where criminals continue to chase dollars via cybercrime,” Sinclair concluded.

And rounding out the concerns of the security firms, Phil Kernick, co-founder and chief technology officer at CQR Consulting said “it feels like Groundhog Day for the OAIC. This report is undistinguishable from the last quarter, which is the same as the one before that, and the one before that, and so on…”

“The intent of mandatory breach notification was to cause Australian business to internalise the cost of breaches, and use that money to improve their systems to keep all of our information safe. Clearly they haven’t.”

According to Kernick, Australian business has realised that reporting to the OAIC is “much easier and cheaper than actually improving security”.

“Until businesses involved in breaches are publicly named, and until there are meaningful penalties for non-compliance, the situation will not improve,” he warned.




Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).


