Cyber risk attacks are costing companies millions and Australian companies are at the forefront of exposure
Australian companies are more at risk of cyber attacks than the rest of Asia, with each data breach costing in excess of $2.5 million.
Cyber risks are coming so quickly, and are so focused on an organisation’s digital assets, operations and information, that businesses simply can’t keep up.
That’s the view formed by global accounting and consulting giant Deloitte, which has established a Cyber Intelligence Centre in Australia.
“While the main motivations are criminal and political gain, the majority of attacks, more than 92%, come from outsiders,” James Nunn-Price, Cyber Practice Leader, Deloitte, said. “However, the fact that the number of insider attacks has doubled to 14% in the last year is on our threat radar. There is external and internal collusion in a number of cases there so the total number adds up to more than 100%.”
The national Cyber Intelligence Centre will link in with Deloitte’s existing Cyber Intelligence Centres in the UK, Europe, Canada and the United States.
Nunn-Price believes that Australia faces more threats than the rest of Asia, for three key reasons.
“Firstly, Australia has a high adoption of new technology, particularly in key operational processes,” Nunn-Price said. “We predict that one billion smartphones will be upgraded globally in 2015 with Australia the sixth largest concentration of this; Deloitte’s November 2014 Mobile Survey of 2000 Australians finds that 57% of Australians live by their phones - we’re a big target.
“Secondly, there is easy money to be made. Organised crime comprises more than 55% of the attacks seen and Australia’s position as a wealthy nation and the gateway between East and West increases the opportunity for criminals. We are being targeted from all sides.
“Thirdly, Australia is increasingly visible in global politics. Our global research shows that 21% of all attacks are state affiliated, the second highest source of attack. This will increase as Australia’s global standing increases with our national and international success.”
Deloitte believes that there are a number of factors exploiting weaknesses that are simply by-products of business growth and technology innovation. These include new customer models and corporate restructuring, new customer service and sales models, new sourcing and supply chain models, new applications and mobility tools.
“The previous big rise in insider threat was fuelled by the GFC and people potentially falling on hard times,” Nunn-Price said. “That kept step with increases in traditional fraud and crime. Today, given the pervasive, tech-savvy capability of those entering the working population, individuals that traditionally would not have known the inner workings of IT now know as much, and sometimes more, than the IT department.
“There is a long history of control and monitoring around financial processes, including insurance fraud, but IT vulnerabilities – missing patches, inadequate monitoring for example – are still the weakest link from a cyber risk perspective in IT.”
While no industry or business is at more risk than others, some businesses need to be extra diligent: those with financial and intellectual property assets; those that are price sensitive through acquisitions, initiatives and stock market announcements; and, finally, companies in the supply chain of the businesses mentioned above.
“These vulnerabilities apply to the leading companies in any sector,” Nunn-Price said. “We see more breach notifications overseas where such laws exist in bulk personal and financial data, and outsource suppliers to companies handling such data.”
So, what can companies do to fight against cyber risk?
“Information security audits and frameworks like ISO27001 are the basics but they don’t look at operational processes,” Nunn-Price said.
“Managing cyber risk, and impact, is all about getting operational processes to monitor and respond effectively. The SANS Top 20 Critical Controls is a great starting point, but if there is not a big in-house team, then companies should select a trusted partner for managed cyber services and a partner for cyber incident response for when - not if - it goes wrong.
“Digital is without borders. That is a great driver for growth where geography has traditionally been a barrier. The world is now on our doorstep and it includes everybody – not just the customers you want but the ‘customers’ you don’t want. The challenge will be knowing and protecting your critical IP. You can’t protect everything especially as the insider threat will continue to increase in future.”