Cyber Security

At the launch of the ‘Cyber for Directors’ short course, a collaboration between Data 61 and the AICD, Data 61 CEO Adrian Turner spoke about the value of the partnership in creating Australia’s data driven future. “We sit at an incredible time in history, where we’re seeing a convergence of IT material sciences and biology. That convergence is going to drive Australia’s economy over the next 15-20 years,” Turner said.

He explained all new industries were going to be data driven to some extent, and cybersecurity was key to protecting those industries and underpinning growth. Turner said Data 61 are motivated to drive systemic change and, “if you look at business the place that we think we can really influence is directors and boards”.

Member for Mackellar Jason Falinski (representing Minister for Innovation and Science Michaelia Cash) told attendees rapid innovations in digital and connective technologies are changing the way we live, work and do business. “The digital revolution means we are now part of the truly global marketplace.”

Cybercrime: government warns against line hackers and state sponsored actors

News reports show Uber as the latest entity caught out by hackers stealing data from 50 million passengers and seven million drivers. In May, Cyber Security Minister Dan Tehan called on businesses to take proactive steps to protect their systems from ransomware attacks after five Australian businesses were targeted, according to news.com.au. “Ransomware continues to grow as a method of extorting funds from a wide range of victims. It is one of the most prevalent financially motivated cybercrime threats worldwide and is likely to remain so due to its continuing success,” the 2017 Australian Cybersecurity Centre Threat report found.

AICD Chairman Elizabeth Proust FAICD told the launched Australia needed to prepare for cybersecurity risks. “Cybercrime is the second-most important economic crime, affecting 32% of organisations and costs the Australian economy estimated $13 billion annually,” Proust said.

Falinski echoed this concern saying that while technologies and associated connectedness could provide “near limited opportunities for economic growth, those opportunities do not come without risk”. Falinski said, “Cybercrime is already the leading financial crime in Australia. Through human error and insider threats from line hackers and state sponsored actors, cybersecurity is a serious and growing issue for Australian businesses.” He cited statistics from Deloitte Australia’s Digital Pulse 2017 report which said the average cost of a cyber-attack on an Australian business was $419,000. “Poor cybersecurity exposes organisations to increased risks of hacks that threatens everything from brand value and share prices to personal safety and productivity.”

How governance protects

Proust implored directors to consider a board’s role addressing cybersecurity in light of these risks. “Strategy underlines how cultural change will be most effective in mitigating this danger. The culture of any business or organisation is shaped and guided from the top so it’s incumbent on directors and senior leaders of all shapes and sizes to ensure that they have the awareness and the skills needed to tackle the digital threats and opportunities we will face in this digital world.”

She said research on the governance of cybersecurity suggested board executives have little awareness of the full implications of digital threats for organisations. “We believe that needs to change. We are confident the ‘Cyber for Directors’ [course] developed in close collaboration with CSIRO’s Data 61 team and with the support of the Australian government will bring about a new era of cyber literacy and understanding around Australia’s board tables,” Proust said.

AICD General Manager for Education Marcel Mol said the course was a unique offering as the curriculum was specifically written with directors in mind. “It covers the governance frameworks, the disclosure rules, the strategic approach and the innovation models that will help to shape proactive boardroom response to governance of cyber in Australia,” Mol said. Turner added the course features insight from cyber practitioners “who are living the frontline of cyber security”. “We think it’s quite unique in the world for that combination,” he said.

Find out more about the ‘Cyber for Directors’ course here.