Cybersecurity and the Requirement of a Resilient Environment in Australia - Kalkine Media

August 06, 2020 01:59 PM AEST | By Edita Ivancevic
Follow us on Google News:


  • Since the Cambridge Analytica scandal, people became more aware of the value of cybersecurity.
  • More jobs being created in the cybersecurity industry after more cyber attacks had been happening.
  • There are various possible ways of maintaining a good cybersecurity practice.
  • Most small and middle-sized companies in Australia (SMEs) have seen improvement in their cybersecurity resilience.

With a constant technology upgrade, the need for cybersecurity has significantly increased in the last few years.

The importance of the cybersecurity sector got more attention after the infamous Cambridge Analytica affair. The scandal took place in 2018, resulting in the largest data breach of Facebook history. Millions of the social media’s users were used for collecting information about the American voters and their Facebook friends, which were consumed for a Donald Trump presidential campaign.

Ever since then, people were more cautious about what to share on social media and the significance of protecting their data as much as possible.

Cyber resilience

By definition, cyber resilience was designed to prevent, respond, and learn from cyber attacks. In the last five years, many companies put an accent on e-commerce sales because of its efficiency and saving money (not paying for offices and additional staff), which led to a gold mine for criminals and hackers. That way, enterprises became more vulnerable to breaches and needed to step up in creating a safe digital environment.

Businesses started producing more jobs in cybersecurity so they could protect their clients and the reputation of the firm. As of 2018, Australia was short of 2,300 cybersecurity employees in this sector, and it would be no surprise if this career is heavily pursued in the JobTrainer program, recently introduced by the Morrison Government.

Maintaining a good cybersecurity practice

Preventing cyber attacks is a lot more important than defending from one, when it is already too late. For that reason, businesses invest a lot of money in the attack’s prevention, as well as making sure that the Board is engaged in reviewing the company’s security measures as appropriate.

Not every firm is at the same risk from criminal attacks. Board experts need to calculate the potential risks and invest in more security in case of a high threat. They need to think of all possible scenarios and make developments in order to prevent the breach.

Being educated about the cyber language, business, and potential risks that face firms are some of the qualities that every Board of cybersecurity professional needs to have. By having them all, there is a lower chance of getting attacked in the first place, and a higher chance of having a good response strategy when the breach happens.

All business factors need to be interpreted as a whole, rather than being reviewed separately. This approach secures a good assurance for the clients, as well as for good business maintenance. Some companies even hire third-party partners in order to deliver the very best service for the customers.

Collaboration and sharing information with other parties (such as financial, security or law institutions) is crucial when taking care of cybersecurity. Companies can identify motives for the attacks if they have successful collaboration agreements.

Last but not least, the cybersecurity professionals need to be properly trained and introduced to every possible way that a hacker can use to steal their data. It is highly recommended to test the staff by sending them emails containing malware and wait for their reactions and response.

Resilient environment in Australia

Since the 2017 cyber resilience research in Australia, businesses improved their management by an average of 15%, the new study finds. They put more efforts and made investments in risk management and reaction to threats. As of December 2019, 80% of the companies felt like their cybersecurity strategies were managed in a better way (20% improvement since the last study in 2017).

Examinees approached their cybersecurity resilience by setting targets throughout several cycles. Most companies found it hard to reach cycle 1 targets but being too ambitious and frequently changing the risk environment could explain the result.

To examine the resilience, the research set five functions (identify, protect, detect, respond and recover) to check how resilient the examined small and middle-sized firms are (SMEs).

80% of SMEs found that their risk assessment had either stayed on the same level or got slightly better than before. There has been some improvement since the cycle 1, but the firms believe there is more chance for improvement in this particular area.

After analysing prevention against the attacks, it has been concluded that employees have been more aware of risks and better trained for breach protection (by 77%). Nevertheless, workers could still make their skills better.

If the breach is not detected on time, it is highly possible that the situation will be worse, and more damages will be done within the business. There has been a significant change for the better in the detection function (by 25%), but there need to be more checks for anomalies.

Responding and recovering functions have been improved from 25% to 31.5%. The two functions were the ones that firms were most concerned about, so the results were seen as optimistic for the businesses.

In summary, around 80% of SMEs have seen better work in cybersecurity resilience, but they are still expecting their workers to keep sharpening their resilient skills.

Safety first

If it comes to any form of a cyber attack, the most important thing is to report the situation to the Board. The employees need to advise them of attempts and their safeguards could be improved to minimise the damage of the criminal breach.

Now that more people are working from home, their personal data is put at a huge risk, as most of them are working from personal computers or laptops. Every future attempt for breaking in the company’s systems through personal computers will be a lot easier to do because personnel’s devices are not as resilient to breaches.

Cybersecurity is an ongoing problem that needs constant maintenance and reviews. In the end, it is important to look at the positives and realise that the cyber issue will create a lot of jobs, which will be a happy consequence of the constant risk of penetrating financial systems.


The content, including but not limited to any articles, news, quotes, information, data, text, reports, ratings, opinions, images, photos, graphics, graphs, charts, animations and video (Content) is a service of Kalkine Media Pty Ltd (Kalkine Media, we or us), ACN 629 651 672 and is available for personal and non-commercial use only. The principal purpose of the Content is to educate and inform. The Content does not contain or imply any recommendation or opinion intended to influence your financial decisions and must not be relied upon by you as such. Some of the Content on this website may be sponsored/non-sponsored, as applicable, but is NOT a solicitation or recommendation to buy, sell or hold the stocks of the company(s) or engage in any investment activity under discussion. Kalkine Media is neither licensed nor qualified to provide investment advice through this platform. Users should make their own enquiries about any investments and Kalkine Media strongly suggests the users to seek advice from a financial adviser, stockbroker or other professional (including taxation and legal advice), as necessary. Kalkine Media hereby disclaims any and all the liabilities to any user for any direct, indirect, implied, punitive, special, incidental or other consequential damages arising from any use of the Content on this website, which is provided without warranties. The views expressed in the Content by the guests, if any, are their own and do not necessarily represent the views or opinions of Kalkine Media. Some of the images/music that may be used on this website are copyright to their respective owner(s). Kalkine Media does not claim ownership of any of the pictures displayed/music used on this website unless stated otherwise. The images/music that may be used on this website are taken from various sources on the internet, including paid subscriptions or are believed to be in public domain. We have used reasonable efforts to accredit the source wherever it was indicated as or found to be necessary.

Top ASX Listed Companies

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. OK