Senetas recently collaborated on an article published in the Technology section of Stockhead (a news service dedicated to stories about emerging ASX-listed companies). In the cybersecurity post, the authors highlight the rise in ransomware attacks but bemoan the apparent lack of afirmative action on the part of Australian businesses to protect customer data from a complex threat landscape.
“Ransomware attacks have become the Sword of Damocles hanging over companies’ heads. A sword that, incredulously, appears to be ignored by Australia’s business leadership who are very eager to take advantage of customers’ data, but are unable to properly manage the cyber-risks.
Part of the problem is that cybersecurity is a complex field: Recent incidents like the TissuPath and Dymocks breaches serve as a glaring reminder of the vulnerability in our interconnected digital landscape.
Data is the new oil, and ransomware is more than able to tap into that wealth. The need for robust cybersecurity solutions that can reduce complexity has never been more critical.”
Australia has seen some very high profile breaches in recent months, with the Latitude, Optus, and Medibank incidents impacting millions of citizens. In the article, the authors draw our attention to some smaller, but still noteworthy breaches. TissuPath is a small, Melbounre-based healthcare provider who suffered a significant breach of over 470Gb of sensitive customer data. Dymocks, the book store company, also suffered a breach that exposed personally identifiable data such as postal end email addresses.
Effective cybersecurity depends on a level of committment, not just from private sector businesses, but from government and regulatory authorities. Across the world, the enactment of new cybersecurity regulations and legislation is helping to shine a light on the depth of the problem and holding data owners and processors to account for the security of the data they are custodians of.
As the Australian govenment formulates its latest cybersecurity strategy, demand for effective prevention and protection technologies is likely to rise. However, all organisations need to remain vigilant and not treat cybersecurity as a tick-box exercise. Stricter enforcement of of compliance, larger financial penalties and personal liability for executives are designed to break the cycle of apathy and place the emphasis on prevention, not remediation.