With digital connectivity becoming our default way of operating, cyber security should be a critical focus for businesses—yet 76% of Australian companies are overwhelmed by the amount of data under their control. Business leaders are aware of the threat, showing concern about the security and resilience of their data infrastructure, but they lack the urgency needed to make immediate change. (Australian Cybersecurity Magazine, 2023)
2023-2030 Australian Cyber Security Strategy Tackles ‘Urgent National Problem’
In the last year, millions of Australians have felt the disastrous effects of a cyber incident. The scale is staggering, with an average of one cybercrime reported every 6 minutes. “We need to act now,” said Minister for Home Affairs and Cyber Security Clare O’Neil, “For too long, Australian citizens and businesses have been left to fend for themselves against global cyber threats.” (Department of Home Affairs, 2023)
According to the 2023-2030 Australian Cyber Security Strategy, emerging technology has changed our digital landscape, with artificial intelligence and quantum computing creating new challenges. (Department of Home Affairs, 2023) And as our internet accessibility and use of cloud computing grows, so does our reliance on digital resilience and cloud storage. Since 2017, the Australian cloud storage market has grown on average 9.1% each year—meaning an outage or large-scale loss of data could be devastating for countless businesses. (Creighan, 2024)
The government’s new strategy focuses on strengthening cybersecurity foundations and addressing gaps in protocol, working towards national cyber resilience. Where previous years have taken a more guidelines-based approach, this strategy switches to providing tangible action and support for individuals and businesses. (Department of Home Affairs, 2023)
Majority of Australian Businesses Remain Unprepared for a Data Breach
While a more robust cyber strategy is a welcome move, the digital security of individual businesses is not the government’s responsibility. And Australian businesses seem reluctant to take initiative themselves.
A survey from the Council of Small Business Organisations of Australia showed that 43% of organisations believe that cyber security is too complicated for the majority of small businesses (Cyber Wardens, 2024, p. 34). Another survey, from Hitachi Vantara, echoed this sentiment, as 67% of business leaders were concerned their organisation would be unable to detect a data breach and respond in time to protect it. A quarter of respondents admitted that their important business data was not even backed up. (Australian Cybersecurity Magazine, 2023)
As Minister O’Neil said in the 2023-2030 Australian Cyber Security Strategy, national cyber security requires both government and big business to lead the way. She explained, “From today, we are shifting more of the cyber risk to those who are most capable. We are holding industry to higher standards to protect our devices, our data, and our critical infrastructure.” (Department of Home Affairs, 2023)
Escalating Ransomware Attacks Indicate the Urgency of Cyber Security
According to the government’s cyber security strategy, malicious cyber activity continues to grow at an unprecedented rate. The industrialisation of cybercrime has made it easier than ever for criminals to steal sensitive data, disrupt systems, and extort people for financial gain. (Department of Home Affairs, 2023)
In the last 12 months, over three quarters of Australians have experienced some form of cyber security threat, ranging from simply receiving a scam text message, to falling victim to a direct data breach (auDA, 2024). And the large-scale threats are even more insidious. In April, e-prescription provider MediSecure was the victim of a high-profile breach, where the sensitive details of 12.9 million Australians were compromised and 6.5 terabytes of data were stolen (Jeffrey, 2024).
Businesses Must Transform Their Cyber Security to Deter Sophisticated Opponents
The Australian Cyber Security Centre recommends that businesses deploy The Essential Eight, a series of strategies that aim to mitigate cyber threats, providing the fastest, strongest route to defence. (Australian Signals Directorate, 2022)
Several of them are quite easy to initiate:
- Turn on multi-factor authentication for all logins
- Update operating platforms and security software
- Back up business data regularly
- Restrict administrative privileges for business data
According to Australia’s Cyber Security Coordinator, Lieutenant General Michelle McGuinness, these precautionary measures go a long way towards improving a business’s data security and ‘will lift our cybersecurity posture as a nation and make us more secure’ (Courty & Atkin, 2024).
Building Strong Data Security Partnerships
Deploying the necessary data security measures can be time consuming for businesses with limited resources, so many look to third parties for data storage support.
However, it is crucial to choose the right provider. Best-practice providers will clearly comply with the necessary laws and regulations and should also have an ISO 27001 accreditation. To achieve accreditation with this global information security and privacy standard, providers must demonstrate that their policies, processes, and systems are designed to safely protect data—based on over 140 different control measures.
CV Check provides workforce compliance solutions that streamline data security. And with our ISO27001 accreditation, sensitive information is protected by robust and comprehensive digital security measures.
References:
auDA. (2024, May 23). Digital Lives of Australians 2024: value of the internet up – but cyber security concerns holding Aussies back. https://www.auda.org.au/statement/digital-lives-australians-2024-value-internet-cyber-security-concerns-holding-aussies
Australian Cybersecurity Magazine. (2023, July 13). 75% of Australian Companies Overwhelmed by Data Security. https://australiancybersecuritymagazine.com.au/75-of-australian-companies-overwhelmed-by-data-security/
Australian Signals Directorate. (2022, December 16). Small Business Cloud Security Guides: Executive Overview. Australian Government. https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/small-business-cyber-security/small-business-cloud-security-guide/small-business-cloud-security-guides-executive-overview
Courty, A., and Atkin, M. (2024, May 17). Cyber security chief says MediSecure data breach is an ‘isolated’ attack but warns health data a prime target for cybercrime. ABC News. https://www.abc.net.au/news/2024-05-17/cyber-security-chief-says-medisecure-data-breach-isolated-attack/103860120
Creighan, M. (2024, January 24). Data storage and security trends propelling Australian businesses forward. IT Brief Australia. https://itbrief.com.au/story/data-storage-and-security-trends-propelling-australian-businesses-forward
CV Check. (2021, May 23). Why your data protection and privacy is our priority. https://cvcheck.com/articles/why-your-data-protection-and-privacy-is-our-priority/
Cyber Wardens. (2024, March.) Building a culture of cyber safety in Australian small businesses. Council of Small Business Organisations of Australia. https://cyberwardens.com.au/wp-content/uploads/2024/03/Research-Report-Building-a-culture-of-cyber-safety-in-Australian-small-businesses.pdf
Department of Home Affairs. (2023). 2023–2030 Australian Cyber Security Strategy. https://www.homeaffairs.gov.au/cyber-security-subsite/files/2023-cyber-security-strategy.pdf
Department of Home Affairs. (2023, December 21). 2023-2030 Australian Cyber Security Strategy. Australian Government. https://www.homeaffairs.gov.au/about-us/our-portfolios/cyber-security/strategy/2023-2030-australian-cyber-security-strategy
Huntsdale, J., and Gilbert, R. (2023, August 30). Equinix Australia data centre boss details increasing pressure on infrastructure. ABC News. https://www.abc.net.au/news/2023-08-30/equnix-australia-data-centre-boss-high-demand-infrastructure/102765790
Jeffrey, D. (2024, July 18). Half of all Australians hit by MediSecure hack, but company can’t afford to find out who. 9News. https://www.9news.com.au/national/medisecure-hack-12-9-million-australians-affected/3c44cd81-b1c4-482c-9007-67f50a90f04f
Office of the Australian Information Commissioner (OAIC). (2023, August 8). Australian Community Attitudes to Privacy Survey 2023. Australian Government. https://www.oaic.gov.au/engage-with-us/research-and-training-resources/research/australian-community-attitudes-to-privacy-survey/australian-community-attitudes-to-privacy-survey-2023