Every Australian business is now on notice to report cyber-attacks and ransomware demands as part of a $600 million funding boost by the Federal Government to fight cyber criminals.
In its much-anticipated Cyber Security strategy – released today in Sydney by Home Affairs Minister Clare O’Neil – the Government announced a no-fault, no-liability ransomware reporting obligation. With 94,000 cyber incidents reported in the past 12 months in Australia, the Cyber Strategy will also offer small business operators emergency help if they’re hit by a cyber-attack.
The Minister announced plans to introduce a six-shield strategy to try and ensure Australia is ahead of the cyber curve. These are:
While the Government wants Australia to be a world leader in cyber security by 2030, an exclusive SEC Newgate survey reveals plummeting trust in the capacity of telecommunications companies and retailers to protect sensitive data.
The national survey shows a massive divergence among industry sectors with regard to safeguarding sensitive data. Healthcare ranked first, with nearly 70 percent of those surveyed declaring they had either high or moderate trust in healthcare operators to protect sensitive data.
Education (68 percent) and the banking sector (66 percent) also rated very favourably when it comes to doing the right thing and ensuring sensitive data is not compromised.
By contrast, only 46 percent of those surveyed trusted the telecommunications sector. Retail scored even lower, with 41 percent.
Government services had a positive rating (61 percent) when it came to being trusted to protect the public’s most sensitive data and information.
Clearly, the front-page headlines from cyber-attacks against some of Australia’s best known corporate brands has undermined public confidence in the ability of businesses to withstand the impact of sophisticated criminal syndicates predominantly operating out of China, Russia, Iran and North Korea.
The release of today’s Cyber Security Strategy – along with this latest research – only strengthens the need for companies of all sizes to ensure they have systems and robust crisis communications plans in place to deal with cyber crises, should they arise.
SEC Newgate managing partner Brian Tyson said: “The series of recent high profile cyber-attacks have rattled the confidence of the community in the ability of major corporations to ensure their personal data is safe and not sold to the highest bidder through the dark web”.
The Australian Signals Directorate (ASD) last week reported there was a cyber incident reported every six minutes across the nation during 2022/23 – many of these impacting smaller businesses who are often ill-prepared to protect customer data.
The estimated cost to the national economy is $3 billion from cyber damage – and this figure is likely to grow much higher as critical infrastructure and corporations of all sizes come under attack.
As part of today’s Cyber Security announcement, the Government is promising small and medium-sized enterprises (SMEs) quicker access through a cyber health-check program. This will provide a free, tailored assessment of cyber security maturity to small and medium businesses.
Companies will also be able to report cyber-crimes without fear of being prosecuted by other regulatory authorities under a new legal “safe harbour” provision. This means that a company will be able to report a cyber incident to the ASD and Cyber Coordinator without worrying other regulators – such as ASIC – will be able to use this information to launch prosecutions.
Contact us for more information about our Cyber Communications offering, and how the Australian Cyber Security Strategy affects your organisation.
Steve Lewis, Senior Adviser, SEC Newgate Communications – [email protected]
Clint McGilvray, Partner, SEC Newgate Communications – [email protected]
SEC Newgate’s integrated approach draws on our national team’s experience and networks to deliver a full service offering.
