Project Showcase 15 November 2019 Introductory remarks by OCSC Chairman Cameron Boardman
The Threat and Global Trends • 34% of all cyber attacks involved internal actors • 43% of the breaches involved small business victims, 16% were of public sector entities, 15% in Healthcare, and 10% of financial services entities • 23% involved nation-state or affiliated actors • Only 71% were financially motivated while 25% were espionage • 56% took months to discover # • Information theft is the most expensive and fastest rising consequence of cybercrime—but data is not the only target. Core systems, such as industrial control systems, are being hacked in a powerful move to disrupt and destroy • Cybercriminals are adapting their attack methods. They are using the human layer—the weakest link—as a path to attacks, through increased phishing and malicious insiders. Other techniques, such as those employed by nation-state attacks to target commercial businesses, are changing the nature of recovery, with insurance companies trying to classify cyberattacks as an “act of war” issue • Cyberattackers have slowly shifted their attack patterns to exploit third and fourth-party supply chain partner environments to gain entry to target systems—including industries with mature cybersecurity standards, frameworks, and regulations • The global average total cost of cybercrime for each compromised company increased from US$11.7 million in 2017 to a new high of US$13.0 million—a rise of 12 percent* #2019 Data Breach Investigations Report from Verizon * The ninth annual cost of cybercrime study is from accenturesecurity and conducted by the Ponemon Institute
Australian situation
Notifiable Data Breaches Scheme 12-month insights report
Notifiable Data Breaches Scheme 12-month insights report
Notifiable Data Breaches Scheme 12-month insights report
Department of Home Affairs Cyber security is important for Australia’s national security, innovation, and prosperity. We need to keep our information safe, working as a nation to secure our networks and systems.
The Oceania Cyber Security Centre Attaining Collaboration for Complex Solutions and Innovation • Linking industry with research experts to solve problems • Anticipating future problems and identifying solutions • Developing best in class processes to improve preparedness and responses to cyber threats
Cyber Maturity Model (CMM) The CMM considers national cybersecurity to include 5 dimensions: 1. Cybersecurity Policy and Strategy 2. Cyber Culture and Society 3. Cybersecurity Education, Training and Skills 4. Legal and Regulatory Frameworks 5. Standards, Organisations, and Technologies
A CMM review is an important first step to strengthening a nation's cyber security posture. Understanding where the gaps are is critical to lessening the ability of bad actors or cyber criminals to attack a nation, its peoples and their allies.
CMM Program • The CMM has been deployed to more than 80 countries across the globe by the GCSCC and partners, with the OCSC as THE partner for the region. • 5 CMMs conducted so far: • Samoa • Tonga • Vanuatu • PNG • Kiribati
CMM Outcome In our digitally interconnected world, cybersecurity is everyone’s problem. The CMM review is the first step towards strengthening a country’s cybersecurity capacity. We don’t deliver the report and leave. We are committed to working together with countries and the community to build capacity and strengthen cybersecurity in the region.
Recommend
More recommend
