Technology transforms how people and businesses connect and use information, which drives revolutionary collaboration methods. This phenomenon has seen the cyber environment become a rapidly increasing, complex network of interconnected devices, from IoT devices such as a kettle or toaster, ecommerce sites, to large corporate networks. Most cybercrime is now perpetrated by organised criminal syndicates and state actors. The historical view of a ‘hacker’ being a student in their bedroom breaking into systems for fun or bragging rights is now rarely accurate. The ever evolving environment of cybercrime is becoming more sophisticated, more systematic, and more destructive.
With the rapid explosion of the number of devices within an organisation from PCs, printers, smartphones and now sensors such as environmental monitors, the job of information security has also evolved. Cybercrime has quickly become a multi-million dollar industry preying on government, business and individuals who rely on the internet and IT systems for their daily activities. Some of the most significant data breaches happened just in the last 12 months, and not just in other countries. PageUp, Australian Bureau of Meteorology, WA TAFE, Royal Melbourne Hospital, Kmart, David Jones, Aussie Farmers Direct, Queensland TAFE and many others have experienced serious cybersecurity incidents.
Cybercrime is driven by information and financial and personal gain, the consequence of which is that attackers are often indifferent about whom they compromise: your organisation, a healthcare provider, a large e-commerce business, a retailer, a utility, a Government Department or even individual users. In most cases, they will take the path providing the highest return on their investment. With the rise of hacking services such as Ransomware as a Service, these threats are genuinely commercialised with mature business processes.
With this rapidly changing Cyber threat landscape comes massive challenges; the days of relying on a perimeter firewall and antivirus alone to provide protection is no longer effective against targeted attacks. We can no longer rely on traditional technology solutions, we now need to leverage leadership, culture, networks and change readiness to create an advantage over competitors, cybercriminals and other malicious actors.
The new normal for Cyber Security is a truly terrifying reality - if you are connected to the internet in any way, it is not if, but when, you will suffer some form of Cyber Breach.
Ensuring your organisation is proactively taking steps to reduce the damage cybercrime can have is vital. Good business practice allows you to meet your legal obligations to keep your data secure as well as comply with the Notifiable Data Breaches (NDB) scheme which came into effect on 22nd February 2018.