Cyber Security and the new crime wave

The risk environment involving access to information systems has escalated dramatically in recent months emphasising the need to be aware of cyber security and the new crime wave. The attack on Optus and Medibank Private were high-profile but only examples of the many incidents experienced by organisations and individuals on a regular basis. The Australian Cyber Security Centre has recorded 76,000 cybercrime reports this year, up 13% on last year. The cyber security hotline receives nearly 70 calls per day seeking advice or reporting incidents.

The risks from this now global crime wave range across various consequences, including ransom-ware installed, destruction of records, theft of data and malicious vandalism of systems and websites. This is in addition to the absolute wave of scams and frauds that also abound online and via telephony. The cost to individuals and businesses from cybercrime events is estimated to average between $40,000 and $90,000 per incident, with significant events like the Optus and Medibank issues reaching into the millions of dollars.

All organisations should be moving swiftly to address any vulnerabilities in the systems. Responsibility for cyber security does not rest with the organisations IT staff. It is a strategic and governance issue in which Boards and executives should be thoroughly immersed.

The Australian Institute of Company Directors has elevated its advice and support in this area with valuable information available on its website and regular updates to company directors on practical means for defending against and responding to cyber attacks.

The Australian Cyber Security Centre (ACSC) provides valuable advice and tools to help you develop a protection plan as well as a planned response for surprise attacks. The ACSC also provides information on what to do in the event of an incident and how to report it.

The common advice to organisations includes:

  • Developing a strong culture of awareness about cyber security across the organisation.
  • Adopting a cyber security policy to guide both protective and response action.
  • Including cyber security in the organisation’s risk management framework and having a plan to respond quickly to incidents.
  • Regularly test and audit protective and response systems and procedures for effectiveness.

Above all the most important element is to maintain the vigilance of individuals using the system to any suspicious activity and to identify vulnerabilities that might lead to any authorised access or opportunities for scammers.


Join our newsletter

We won’t spam you, you will receive regular updates on relevant topics. 

  • This field is for validation purposes and should be left unchanged.