Share this article on:
New research has shed light on the financial impact of the spike in malicious cyber activity.
According to a new red paper released by global data, analytics and technology company Equifax, Australian firms shed over $33 billion over the 2020-21 financial year as a result of a relentless spate of cyber attacks.
The Australian Cyber Security Centre (ACSC) estimated that a cyber attack was deployed every eight minutes over the period.
“Cyber crime is a $33 billion people issue, and there is an increased sophistication of attacks exploiting the human link, including advanced ransomware crimes, internal staff being manipulated by threat actors, and cyber criminals exploiting gaps in critical systems,” said Wayne Williamson, CISO, Equifax Australia & New Zealand.
“It’s important that organisations are looking closely at the human elements of the threat and human elements of the corporate response.”
Equifax has hosted a panel discussion to assess cyber trends in the corporate world.
Panellists included John Yates, director of security, Scentre Group; Catherine Buhler, CISO, Energy Australia; and Jamil Farshchi, CISO, Equifax Group/Global.
“It’s a testament to businesses’ growing awareness of the critical importance of cyber security that CISO roles entered the picture five or six years ago with more force, but many CISOs haven’t yet had the liberty of time to establish robust, best-practice cyber risk mitigation programs within their organisations,” Williamson added.
“Cyber security preparedness is ever-evolving, and the responsibility lies with the entire organisation, not just CISOs, to address cyber risks head-on.
"Common themes emerged from our conversations with security leaders at the top of their field: namely, involving a business’ security culture driven from the top and conducting threat assessments on people and technology remain core principles to managing these risks.”
Equifax has released a cyber security checklist, aimed at helping CISOs manage the human elements of cyber security and insider threat programs.