Speaking at the Thriving in a Digital and Secure Age luncheon for the Digital Innovation Festival, hosted by the ACS in partership with the Victorian Government, the Honourable Philip Dalidakis, Minister for Small Business, Innovation and Trade began by outlining the challenges and opportunities for Australia.
Referring to a report by the ACS, Dalidakis stated “The ACS has led the way in talking about cybersecurity, recently releasing a cybersecurity position paper which made some interesting observations in relation to the impact of cybersecurity,”
“It reports that in 2014 global cybersecurity incidents grew by more than 48% while averaging 117,000 attacks per day, the global economic impact of those attacks were conservatively estimated at approximately $US375 billion.”
He also went on to refer another recently released report by Deloitte, noting that “the digital economy in Australia is worth approximately $78 billion” and that “by 2020 this would grow to $138 billion, or 7.3% of our GDP.”
However, Australia may not be well equipped to take advantage of this opportunity, revealing that “for the last ten years our ICT graduates have declined across the country,” and “this is something we need to reverse if we are to be a nation of innovators and entrepreneurs.”
Dalidakis also challenged Australia to strive to be number three in the world, after the US and Israel, joking that number one would be nice but that we might need a little more work to topple Israel and Washington DC.
The minister also took the opportunity to announce the establishment of the Oceania Cybersecurity Centre in Victoria which, among other projects, will concentrate on initiatives to protect infrastructure such as gas, electricity, water and the transport grid, going on to say “there’s only one other centre like it around the world, and that’s at the University of Illinois in Chicago.”
During the keynote speech from Tammy Moskites, Venafi CISO/CIO, where she covered the landscape today she asked “Why do we have so many high profile breaches?” before answering with “We’ve always had them, we just didn’t know about them."
Explaining how in the past companies weren’t required to disclose these breaches, a mixture of legislation and consumer-focused accountability has led to more companies being transparent about such hacks, and that this is a good step forward.
She shared her experience on the best way companies can protect their digital assets, starting with an accurate audit of what their IT infrastructure is comprised of as a baseline, as 75% of companies don’t have an accurate audit of their assets, and how can you protect what you don’t know you have?
ACS Victorian Chair, Craig Horne, moderated a panel discussion featuring Mike Burgess, Chief Information Security Officer (CSIO) at Telstra; Mazino Onibere, Information Security Manager at NEC Australia; Andrew Dell, Chief Information Security Officer at NAB; and Rachael Falk, co-creator of the Five Knows of Cyber Security alongside Tammy Moskites and Minister Dalidakis.
Mr Burgess gave a compelling talk about the motivations of hacks, stating hackers will “attempt to hack your organisation to steal valuable data. They’ll attempt to hack your organisation to deny you access to your data, so they can hold you to ransom, or they’ll hack your data to try to disrupt your business, either because they don’t like you as a company, or they’re protesting about some matter of policy that may not even be yours.”
Key, however, is the perception that cybersecurity is an IT problem and Mr Burgess disputes this, saying that for Telstra “Cybersecurity is a business risk, not an IT security risk. Every business unit in Telstra is accountable for their cyber security risk management; not the CIO, not the CSO, but every group executive who works for our CEO is accountable for that risk management for that business unit.”
With the recent furore over the eCensus and a much-publicised blame being laid at hackers for a DDoS (Distributed Denial of Service) attack to bring the Census site down, the security of both computers systems and the private data of Australians is in the public eye. For the Victorian Government, the Oceania Security Centre is one step towards greater capability for Australian cybersecurity.
The Victorian Digital Innovation Festival comprises thirty events spread over twelve days. For more information visit www.business.vic.gov.au/events/digital-innovation-festival.