WHY IS CYBER SECURITY IMPORTANT?

Cyber Security is important because without any understanding or consideration of the issue you are waiting to be attacked. It may not happen now, or next week, but eventually you will be breached and you will have to deal with the fallout.

In fact, in the last few years, cyber crime has grown at such a rapid rate it is now an issue all businesses should constantly be monitoring and managing. The latest “Cost of data breach study: Australia”, by IBM and the Ponemon Institute, concluded that in 2014 the likelihood of an Australian company or organisation experiencing a data breach involving at least 10,000 records had increased to 18 per cent over a 24 month period – that is, nearly one in five Australian companies or organisations will experience a serious data breach in the next two years. And this breach rate continues to grow. The problem is also growing rapidly in other Asia-Pacific nations.

The Australian Institute of Criminology (AIC), the Australian Government’s national research and knowledge centre on crime and justice, says the under-reporting of high tech crimes is thought to be a serious problem. (For more information)

Criminals and criminal organisations around the world have worked out there is money to be made in cyber crime and that policing it, given its international nature, is very difficult. We have moved from the “conventional hacker” just being a nuisance with new viruses, etc, to criminals now harnessing that capacity to steal and extort.

Examples of attacks on your IT/data systems include:

• malware that logs your keystrokes, giving your banking and credit card details to the cyber criminals;
• ransomware that encrypts your data files while they are still on your computer and the only way to get access to them is by paying a criminal to unlock them; or
• the loss of sensitive/confidential data, exposing you to government imposed fines and/or legal action from clients or business partners whose information you have “leaked”.

Almost all computers now come with some form of technical protection such as Anti-virus software and yet the chance of being compromised continues to grow, with the black market for stolen data booming into a multi-billion dollar industry. Businesses and organisations across the Asia Pacific are now expected to take reasonable steps, even in law, to protect the private information of their clients and business partners from cyber attack.

Anti-viruses, a strong firewall and network management practices are vital, but are not the sum of the solution. Businesses and organisations now need more than that and are increasingly expected, even in law, to take reasonable steps to protect their IT/data systems and protect the privacy of their clients. For technical security measures to be effective the human factor needs to be taken into consideration. The fact that a growing number of data breaches are now caused by human error means that, no matter how strong and secure your network, one wrong click or one malicious email is all it takes for criminals to find a way to breach your network.

Therefore, information and cyber security compliance and awareness training of all your employees, contractors and volunteers is now a vital part of showing that you:

• take the protection of your clients’ personal/private information seriously; and
• are, in fact, taking reasonable steps to meet your legal and ethical obligations.

It can also reduce the considerable reputation damage and cost risks now caused by data breaches.

SAWAN BHAN

CONTACT ME