Australia is among a number of countries in the world that is most susceptible to a cyberattack. According to a 2017 data from the Rapid7 National Exposure Index, Australia was ranked ninth (9th) among the most susceptible to cyber-attacks.
Dr Maria Milosavljevic, CISO (Chief Information Security Officer) for the Department of Finance, Services and Innovation told the Public Sector Network’s Digital Marketplace 2018 on Thursday that this vulnerability must be addressed in priority, warning that a breach could have catastrophic consequences.
“Although we are not the primary target, we are definitely wide open to collateral damage if this is what people are seeing about us. This will only get worse with more and more subsequent attacks,” she said. She also pointed to Varonis data from 2017 on global cyber risk which indicated that Australia has a similar level of vulnerability to a cyberattack as Russia and the United States.
The repercussions of such a breach could be devastating, Dr Milosavljevic said, warning that a global breach could trigger a huge US$60 billion loss – a shortfall worse than a catastrophic natural disaster. This rise in cyber threats clearly demonstrates our increasing reliance and dependence on digital services and the internet, and the government is no exception, Dr Milosavljevic said.
The constantly changing nature of cyber threats presents a unique challenge for governments, Dr Milosavljevic said. “The impact of incidents is increasing rapidly year on year. Where once cybercrimes were the domain of hackers and scammers, well-organised criminal syndicates and state-sponsored hackers are on the rise. Cybersecurity teams and IT experts are waging a constant battle to protect our services every single day,” she said.
“It’s a relatively new problem, entirely different to anything we’ve seen before. Incidents of Cyber Warfare haven’t been studied a lot because they’re relatively new, changing and adapting frequently.”
The NSW Government looks to release its cybersecurity strategy later this year, which Dr Milosaljevic says will be based on the state’s cybersecurity roadmap.
The growing cyber threat calls for a shared response by governments, Dr Milosavljevic said.
“The most important thing is to make it a shared problem that needs a joint response. We can no longer think about ourselves in silos,” she said.
A top-down approach based on good governance is also critical moving forward, Dr Milosavljevic said.
“The most important thing is getting governance right,” she said, pointing to a three-pronged approach based on Auditing, Management Control and Risk Management.