Cyber - Significant data breaches predicted to continue

13 February 2023

The 2022 McGrathNicol ransomware survey found that 69% of Australian businesses have now experienced a ransomware attack in the past five years.

The increasing prevalence of cyber attacks has highlighted the need for businesses to better prepare for and plan a response to such incidents. With increased regulatory oversight and legislation being introduced by the federal government, Australian organisations will need to develop robust cyber programs to address cyber risk. A key component of any cyber program must be the development of a rapid incident response plan – and regular testing of this – to ensure that an organisation can effectively respond to a cyber attack when it does occur.

There is a growing expectation for organisations to demonstrate a high level of cyber security readiness. Recent legislative changes in Australia have led to an increase in penalties for organisations who are victims of a cyber attack. Organisations found to be non-compliant with data protection regulations can now face significant fines. Regulations such as the Notifiable Data Breaches (NDB) scheme require organisations to report certain types of data breaches to the Office of the Australian Information Commissioner (OAIC) and affected individuals. Additionally, the Security Legislation Amendment (Critical Infrastructure Protection) Act 2022 (SLACIP) has introduced a new accountability framework for businesses that operate critical infrastructure, mandating them to meet certain cyber security standards and report any cyber security incidents to the appropriate authorities in an expedited timeframe.

When looking at the types of incidents we responded to in 2022, vulnerabilities were the most significant root cause of data breaches. With a sense of renewed urgency, Australian organisations must implement proactive measures and controls to prepare for and respond to cyber incidents. These steps will help businesses mitigate any financial and reputational damage caused by a cyber attack and allows them to identify and remediate vulnerabilities before they are exploited.

By conducting regular vulnerability assessments and penetration testing, as well as implementing security controls such as firewalls, Endpoint Detection and Response (EDR), and continuous monitoring and detection of anomalous behaviour, organisations can significantly reduce the risk of becoming another cyber statistic in 2023.