.jpg)
The business case for cyber security and insurance has long been established, but weak cyber defences still exist and could be putting the country at risk, an expert has said.
Following the release of a new report from the Committee for Economic Development of Australia (CEDA), which found Australia to be underprepared for state-sponsored cyberattacks, Jason Edelstein, CTO of Sense of Security, said that as governments and businesses work closer together, cyber attackers will target the weak link.
Search and compare insurance products for Cyber from specialty market providers here
“At the moment, that’s business,” Edelstein said. “We are still found lacking when it comes to educating employees of the risks of cyber security, with weak passwords and the increasing sophistication of social engineering being critical issues.”
Edelstein said that it was “no surprise” that the CEDA had found Australia to be at risk. The recent government cyber breach, which saw the personal details of up to 50,000 Australians mistakenly posted online, shows that contractors and other businesses need to take cyber issues seriously, he said.
He also called for the implementation of stronger regulations and governance policies to ensure that businesses, especially those working with government or critical infrastructure, remain on top of their cyber risks.
“Measuring enterprise levels of cyber resilience will be paramount in ensuring Australia’s cyber defences are up to standard in the event of a cyber war, and one of the best ways is with a cyber health check,” he noted.
While the insurance industry has long talked of the benefits that the soon-to-be introduced mandatory data breach legislation will have on both the cyber security and insurance market, Edelstein remains sceptical.
“The data breach notification bill, which will be introduced in February, will help increase the focus on business’s cyber security policies,” Edelstein said. “But, its effectiveness is still yet to be determined.”
Meanwhile, for brokers, who play a key role in the uptake and understanding of cyber security as well as cyber insurance, it is important to inform clients of the continually rising risks. Edelstein believes the risk shows no signs of slowing as Internet of Things devices are only “further exasperating” the problem for businesses because they are rushed to market with security an “afterthought.”
“This is a major issue for Australian businesses, as employees are bringing these devices into the workplace and connecting it to the network, leaving the business vulnerable - one connected projector or video conferencing system could be the perfect security hole for hackers to take advantage of,” he concluded.
Related stories
Travelers explains why it doesn't want to grow faster in cyber insurance
Cyberattack reports just ‘tip of the iceberg’ says QBE
