Cybercrime is showing no signs of slowing down, posing risks across all aspects of society. WEF’s Global Risk Report for 2022 found in 2021, ransomware attacks were up 150 per cent globally, and more than 80 per cent of experts said this growth is now threatening public safety. In Australia, attacks were up 15 per cent, according to the Australian Cyber Security Centre (ACSC). These statistics demonstrate the gravity and prevalence of cybercrime today.
The question is, as we focus on global recovery and a new era of economic growth, how do we protect against cyber threats?
Table of Contents
- Accessible tools for economic rebalancing
- SME cyber support vital for wider economy
- Progress requires collaboration
- Public to private sector empowerment
Accessible tools for economic rebalancing
The adverse financial impacts of cybercrime are unsustainable for economies to absorb long-term.
It’s no secret that advanced technologies such as Artificial Intelligence (AI), Machine Learning (ML) and IoT are critical for future progress, but perhaps ironically, it’s these same technologies that can present new opportunities for cybercriminals.
The ultimate challenge will be securing such technologies and enabling more resilient, long-term solutions to the threats posed by cybercriminals. Economic rebalancing will only be possible if these tools are accessible to all organisations and businesses.
To make this vision a reality, we need collaboration and support between the public and private sectors.
SME cyber support vital for wider economy
Small and Medium-sized Enterprises (SMEs) are the backbone of local economies and yet are highly at risk. SMEs are seen as a key facet to trade and logistics, partner networks, and digital ecosystems. However, they increasingly find themselves the target of cyberattacks.
In the Australian 2021–22 financial year, the ACSC received over 76,000 cybercrime reports, an increase of nearly 13 per cent from the previous financial year. This equates to one report every 7 minutes, compared to every 8 minutes last financial year. Critically, there was a rise in the average cost per cybercrime report of over $39,000 for small businesses, $88,000 for medium businesses, and over $62,000 for large businesses, an average increase of 14 per cent.
Medium-sized businesses (defined by the Australian Bureau of Statistics as between 20 and 199 employees) had the highest average loss per cybercrime report where a financial loss occurred. This may be because they were less likely than large organisations to apply cyber security mitigations as outlined in the ACSC’s Strategies to Mitigate Cyber Security Incidents.
We must work to support and protect such businesses, particularly as we build more resilient, balanced societies. SMEs, unlike other businesses, often require and are entitled to greater government support and nurture. Governments that recognise SMEs as integral to a truly flourishing society will empower and deliver the most economic progress.
Helping these smaller organisations protect themselves against the ever-growing cybersecurity threat must be a priority for public sector recovery strategists in the months and years ahead. Additionally, cyber defence needs to be a priority for all Australians, with continued implementation of the Essential Eight cyber security strategies.
Progress requires collaboration
Proactive digital resilience strategies are now imperative across organisations, businesses, and industries – cybersecurity defences alone are no longer enough. Organisations need to integrate resilience into all areas of their digital transformation planning and operations.
Research indicates a need for clear and productive regulations, allowing for the sharing of information and collaboration across the digital ecosystem. In WEF’s Global Cyber Security Outlook report earlier this year, over 90 per cent of respondents reported receiving actional insights from external information-sharing groups and partners.
The ACSC launched several initiatives in 2021–22 to improve Australia’s cyber resilience, such as a Cyber Threat Intelligence Sharing (CTIS) platform that automates sharing indicators of compromise. The Australian Government’s ten-year investment in ASD, known as REDSPICE, will further harden Australia’s cyber defences in 2022–23 and beyond.
While these initiatives are promising, and the value of collaboration is obvious, many businesses refuse to share cybersecurity information for fear of losing customer loyalty or exposing weakness. Progress will require a shift in mindset to encourage a collaborative approach embodying a culture of sharing, trust, and joint accountability.
Public to private sector empowerment
It is now more important than ever that public sector infrastructure empowers business resilience to help identify, protect, detect, respond, and recover from cyberattacks and enable a rapid return to functioning operations. Even with strong cyber defences, companies can’t avoid all cyber disasters and their adverse impacts on data, privacy, and trust.
Therefore, the objective should be developing a cyber resilience strategy to anticipate and quickly recover from significant disruption. The real test should be how quickly and seamlessly organisations can return to “business as usual”. One essential component of such resilience is to create and implement thorough cybersecurity training exercises among workforces. This not only prepares employees to identify security risks and lures but also heightens awareness and reinforces the need for teamwork, skills, and collaboration across the whole organisation.
Frontier technology solutions are the forces driving digital transformation. They offer us all a bright and exciting digital future. However, advanced capabilities also throw up new cybersecurity challenges, with greater opportunity for cyber criminals to disable critical infrastructure and cause huge upheaval at a societal level. Cybersecurity should be at the forefront of public sector and business leaders’ minds. A comprehensive cybersecurity strategy that aligns with government and industry is crucial to post-pandemic recovery for businesses, the economy, and Australians.
Cybersecurity is much more than just an insurance policy against attacks. Cyber resilience, if implemented effectively, can help turbocharge long-term economic prosperity and innovation and provide the digital defences for our modern world.
Garett Paton is Director, Data Protection Solutions, Dell Technologies, ANZ.