Australian businesses warned to take cyber-security threat seriously
Australian businesses warned to take cyber-security threat seriously
Australian companies must apply diligence to ensure they aren’t easy targets for cyber-terrorist attacks.
That was the stark warning issued by Mike Ettling, managing director Unisys Australia-New Zealand, at this year’s ASIAL (Australian Security Industry Association Limited) Security Conference.
Ettling made the point that security is a business and good corporate governance issue, not just a technology issue, and terrorist risk assessment is vital to any successful business.
He argued that the events of September 11 2001 had changed the debate from what was essentially a technical discussion about the risks and impacts of computer viruses and hacker attacks to a broader discussion about the potential ramifications of a terrorist attack on a company, a government, and a nation, through the information technology serving companies or government departments.
“I urge all organisations to ensure there are no gaps in their IT infrastructure,” said Ettling. “Good risk assessment not only mitigates risk, but demonstrates good corporate governance to the community, clients, employees and shareholders.”
Ettling also discussed the risk to corporate reputations - and to boards and senior directors personally - from the effects of cyber-terrorist attacks. He cited the example of ‘phishing’ - the practice of capturing ID and password information for fraud. “Phishing is an example of where hacking and terrorism can converge,” said Ettling. “Terrorists are using identity theft to fund their other, more brutal activities.”
He added: “A cyber-terrorist attack may leave an organisation with an ‘IT repair bill’ of many millions of dollars for the recreation of disaster recovery plans and IT infrastructure. More broadly, companies providing essential infrastructure services may find themselves under regulatory pressure following a cyber-terrorist attack that might compel them act. The Australian financial services sector is already facing this challenge.
"Organisations must do a thorough assessment of the risks to ensure there are zero gaps in their IT infrastructure. One weak link is all that a terrorist might need,” he emphasised."
Related Article: