Cyber assaults have been the main story in Australia for the previous few weeks with the breaches at Medibank Non-public and Optus being two of essentially the most excessive profile circumstances.

It’s reported in Enterprise Information America that three-quarters of companies within the UK and the US have been hit by a critical cyber assault a minimum of as soon as since 2019, in accordance with the S-RM Cyber Safety Insights Report 2022.

With each the UK and the US seeing a big enhance in assaults throughout all incident sorts in 2022, it might seem that it isn’t solely Australia that’s being focused by cyber criminals.

The report states that “information exfiltration went up from 37% to 46%, ransomware from 30% to 40%, hacktivism from 32% to 39%, denial of service from 28% to 39%, fraud from 29% to 38% and cryptojacking from 27% to 33%“.

Sticking with the report, I agree with the part that states, “The true value of a safety breach lies within the oblique losses, which have turn out to be extra pricey than the cyber assault itself. Status harm and paid ransom averaged £1.5 million in 2022. Practically half of those companies additionally went into operational downtime, elevated insurance coverage premiums, skilled reputational harm, and paid authorized prices following the cyber assault”.

Right here in Australia, the Australian Competitors and Shopper Fee’s (ACCC) fifth Digital Platform Companies Inquiry Interim Report was launched final Friday (eleventh November 2022). It outlines the ACCC’s suggestions to Treasury for reforms to competitors and client regulation that it considers will handle ‘vital client and competitors harms’ it has recognized in its inquiries over the previous 5 years. These embrace scams, dangerous apps and faux evaluations, insufficient dispute decision, elevated market focus and cases of anti-competitive conduct.

The ACCC has discovered that the present competitors and client legal guidelines will not be enough to deal with these harms, so has beneficial a lot of reforms.

Penalising companies is one factor, however in lots of circumstances that is like having your house burglarised after which being fined for the housebreaking somewhat than punishing the burglar.

Whereas it’s clearly incumbent on all of us to have strong safeguards, processes and common coaching of workers in place, on the similar time, if main authorities establishments in developed international locations have had cyber breaches after investing in lots of thousands and thousands of {dollars} in cyber safety there’s solely a lot that Australian small and medium companies can do.

For a while I’ve questioned why the Australian authorities has not put an finish to robocalls and texts. I might strongly suspect that there must be a telecommunications firm that’s making vital income by permitting voice and textual content over IP providers to those that are making the robocalls and transmitting the textual content messages usually with false cell or land line numbers.

I’m suggested that robocalls have been shut down within the European Union. Please let me know within the feedback part should you consider in any other case.

In the US the federal government, by way of the FCC, has determined to not goal the abroad robocall corporations themselves – somewhat, they’re going after the trunking suppliers who’re permitting robocalls to terminate into the US public switched phone community.

The favored YouTube channel Cross Speak Options just lately posted a video explaining what the US is doing to fight the issue. You may watch it right here.

I strongly urge the Australian Authorities to take an identical method however embrace vital fines and jail time to the Australian Administrators and Senior Administration of any Australian firm that’s aiding and abetting the prison behaviour.

There are a selection of companies that may present recommendation and testing on cyber safety, together with LMI, and naturally I proceed to strongly advocate sound danger administration and cyber insurance coverage protection.