On 9 August 2016, the Australian census website received four denial-of-service attacks, shutting down the first-ever predominantly online census.
Fears of compromised data swirled through the media and thrust cyber security into the public eye.
But IT professional at the Department of Human Services, Dinkar Sharma, believes the breach, that the Australian Bureau of Statistics (ABS) claimed did not compromise anyone’s data, has helped the state of cyber security in Australia.
“Any kind of incident is an eye-opener,” he tells Information Age.
“It contributed towards creating more awareness and Australia now treats cyber attacks as extremely serious.
“It is great to see that people are taking more interest in cyber security.”
And in terms of the attacks that occurred on that August night?
“I believe the ABS took extra care and immediately disabled access to the census website when they discovered multiple Distributed Denial of Service incidents occurring.”
According to Sharma, the growing awareness towards cyber security is not just due to widely-publicised breaches such as the 2016 census, but it can be attributed to the constant threats an everyday citizen faces.
“Your whole life depends on cyber security now,” he says.
“Before, people could rob you physically.
“Now they don't need to. They can just sit in one corner in an air-conditioned room, and they can take your whole wealth.”
Cyber security for the everyday Australian
Sharma first fell into cyber security when, with just a Bachelor of Information Technology to his name, he was tasked with creating a cyber security domain for a cyber operations centre’s Quality Assurance Environment.
Since then, he has seen technology and computing become an increasingly vital aspect of everyday life, and with that, cyber security become a household necessity.
“Now, we have a specialised IT industry that is quite crucial in everyday function.
“Whether it's day-to-day function, your social activities, whether it is banking, whether it is your professional work.
“Anything that you do, you need to now consider cyber security.”
And while the increased awareness and advocacy for cyber security in recent years is undeniable, there is work still to be done.
What can you do?
Although the responsibility of cyber security advocacy and awareness traditionally sits with government agencies and industry professionals, Sharma believes a changing of the guard may be in order.
“I think awareness is something that we all need to share, everywhere you go, it is our moral responsibility that we educate.”
“We can inform other people to be safe, inform them on how they can do their transactions over the internet safely.
“That definitely increases the knowledge.”
Internet banking is one area he believes security is being taken seriously amongst the general public, due to the obvious financial risks.
However, other seemingly innocuous online activities pose the greatest risk when it comes to everyday cyber security, according to Sharma.
“People are more aware of doing internet banking safely,” he says. “They're not aware of how to protect their credentials.”
“They're not aware of how to safely use social networking. Information can be obtained from there, and using their identity, can be used to access pretty much their life savings.”
Sharing responsibility
In terms of cyber security advocacy, an individual can only do so much, says Sharma.
Likewise, a single organisation has limited reach, whether public or private.
This is why he believes that industry partnerships are so important when it comes to educating the greater public on the importance of cyber security.
“Everyone needs to contribute constantly towards cyber security improvements and awareness,” Sharma says.
“We are witnessing lots of strong government initiatives – even private industries are taking more interest and working together to improve the way they conduct business.
“We are seeing more conferences, more seminars and more sharing of ideas towards cyber security awareness.
“Public/private partnerships are vital in overcoming weaknesses; these types of initiatives can lead to highly beneficial solutions.”
Keeping up to pace
Although Sharma supports the advocacy work of the government and private sector, he is mindful that awareness can only get you so far when it comes to cyber security.
“There is a strong need for formal education in cyber security,” he says.
“There are online threats and behaviours that are impossible for security software to detect.
“Becoming educated about threats and the best practices against them will make it immensely difficult for a cybercriminal to access our data.”
Sharma has continued to upskill throughout his career.
Seminars, networking events, certification courses and even IT awareness courses have all helped him keep pace with cyber trends.
“Evolving myself and increasing my knowledge every day as I go helps, because the IT industry is very cutting edge and is drastically changing every day.”
Dinkar Sharma is an ACS Certified Professional (Cyber Security).
In our CYBER EXPERTS SERIES, Information Age talks to cyber security leaders across Australia and beyond about the biggest threats facing the industry, how they got into cyber security, and what keeps them up at night.