In Australia, Cybersecurity is something that all Australians – both in business and in their personal lives – need to take more seriously now than ever before. The Australian government recently announced that it would be investing $Aus1.35 billion in cybersecurity over the next decade in the wake of an increased number of attacks targeting Australia.
A significant chunk of that money ($Aus12 million) is going to be provided to telecommunications companies to help block known malicious websites and viruses rapidly, but individuals and businesses will ultimately need to also take responsibility for their own cybersecurity, and the government’s actions should be seen as a waking call for how significant the threat really is.
The real threat scale
Understanding the scale of the threat facing businesses and individuals is key to tackling the problem. Looking at the top 15 biggest data breaches in history, a couple of things are made quite clear; firstly that even the large businesses in the world can be targeted, and secondly, having the perception of being secure isn’t necessarily the same thing as actually being secure. No one would have thought that a company with such sensitive data such as Equifax would have had security vulnerabilities, for example, and yet in 2017 those vulnerabilities were exploited and data for almost 150 million consumers was stolen.
The Australian government is doing its part to help lock down those vulnerabilities. Another part of the cybersecurity package is a $Aus470 million investment into cybersecurity skills. That initiative is aimed at creating over 500 new jobs with a security focus. That is a drop in the ocean compared to what Australia will need, with one report finding that the local market will have to add around 16,600 jobs by 2026. What this means for enterprises is that finding and keeping talented security professionals is going to be expensive, because competition for those individuals will be fierce.
For individuals, the security problem is even more challenging; everyone needs to use the Internet for both work and entertainment at home, and while you’re not likely to be attacked by a hacker of the kind of sophistication that targeted Equifax or Yahoo! (that famous case of three billion records being compromised a few years ago), there are millions of smaller threats that are designed to help hackers get into your personal PCs and home networks.
What can individuals do?
The Australia government’s investment in helping ISPs lock down dangerous websites is a useful start, but individuals should still take the initiative to enact security best practices for their home networks.
Keeping your technology secure through the use of anti-malware and firewalls, and keeping your router/modem secure through strong passwords and other protections are an important first step. Often, however, people that have these things installed then become complacent and assume that they are now invulnerable to malicious programs. It only then takes a well-disguised email, looking like it comes from their bank and asking for their username and password, for the hacker to circumvent all those protections.
Every person should be constantly educating themselves on the methods that hackers are using to infect computers with viruses and steal their identity. This doesn’t mean that everyone needs to become a security technology expert, however, everyone should be practicing common best practices.
This is particularly true with more people working from home and remotely than ever in response to COVID-19. Weaknesses and vulnerabilities in-home networks can become a threat to the enterprise and this additional “surface area”, to use the IT security term, is a potential headache and disaster for the IT security team.
IT security into the future
The rate in which new IT security and cybersecurity threats emerge outpaces the ability of any company – or government – to counter. The Internet is a fundamentally insecure environment, and people need to be cognizant of that. Rather than invest in technology and hope it does the job, individuals need to take a level of personal responsibility for how they use the Internet, and keep themselves educated on the changing security landscape, and how to avoid falling into the traps that hackers devise.
The good news is that it’s not an impossible challenge, and by remaining careful while on the Internet, in combination with the work that government, telecommunications, and the technology sector are doing to address the security challenges in Australia, the changes that you’ll be caught out can be minimized drastically.