Australia’s lack of cyber security engagement remains a perplexing issue
The fourth industrial revolution brings a new operational risk for smart manufacturers and digital supply networks: cyber. Cybersecurity strategies should be secure, vigilant, and resilient, as well as fully integrated into organisational strategy from the start.
Through its use of smart, autonomous technologies, Industry 4.0 strives to marry the digital world with physical action to drive smart factories and enable advanced manufacturing. But while it plans to enhance digital capabilities throughout the manufacturing and supply chain processes and drive revolutionary changes to connected devices, it also brings with it new cyber risks for which the industry is unprepared.
Cloud adoption in Australia could soon hit a major speed-bump – skills shortages in cloud security. There’s nothing new about cybersecurity skills shortages, which most expect to persist into the foreseeable future: AustCyber predicts that the nation will need around 18,000 more cybersecurity workers by 2026, a number significantly beyond our current trajectory.
For most Australian businesses, it is not within their realm of possibility to have those skills in-house, combining a historical understanding of the organisation and its workflows with enough technical proficiency to secure those various use cases in the cloud. This is particularly so for smaller enterprises which may lack the headcount or budgets to deliver even a passable level of cloud security on their own.
SMEs tend to struggle to improve their cybersecurity, since they often do not have the specific equipment required. There are ultimately no affordable turnkey solutions (complete development from beginning to end) for protecting systems, and the information available about the threats is limited and unconsolidated. Furthermore, those big businesses forums that do exist for the exchange of information are often beyond their reach.
So, what can Australian businesses do to close the skills gap? CISO’s and business leaders can give their teams license to upskill, sponsoring them for courses and hands-on training that will quickly boost awareness of the security issues faced in today’s cloud environments. More importantly, they can grant aspiring cybersecurity experts the time and support needed to learn and develop new abilities.
Thinking about how to address cyber risk at the end of the strategic process is simply too late. Cybersecurity should become an integral part of the strategy, design, and operations, considered from the beginning of any new connected, Industry 4.0–driven initiative. Smart Manufacturing relies on a greater convergence of the IT and OT layers of a business and if that is applied to an existing plant, it would be reasonable to assume that the potential for cyber-attack, if not understood and mitigated against would be higher.
2019 was a year where cybercrime consistently dictated the headlines with more than 23,000 Australian businesses experiencing some form of cyber incident. In 2020, we have observed a spike in phishing and ransomware attacks as cyber criminals have sensed an opportunity amid the pandemic, launching a wave of attacks that exploit people’s fear and uncertainty, using COVID-19 as bait to impersonate brands thereby misleading employees and customers. Also, with so many people now working from home, it brings a whole other set of cyber security vulnerabilities. Business environments often have consistent and considered built-in security elements which may be less secure at home meaning it is more important than ever to make sure your organisation is capable of fending off attacks and preventing data breaches.
The estimated cost of cybercrime for Australian businesses is now $29 billion per year, an average of $276,323 per business. Australian research shows a compellingly dangerous figure where 52 per cent of companies are paying the demands sought by cybercriminals. 87% of SMBs believe that they are relatively safe from cyber-attacks if they have anti-virus software but while this is part of an essential list, they cannot rely on it alone.
So, what will it take for a business to change its mind set, and what will be its tipping point before we see the collapse of some corporates?
Ai Group Talent Solutions can help you bridge the skills gap in your company. Our industry specialists can advise and facilitate solutions to ensure your cyber security needs are being met. If you would like more information, please contact the Talent Solutions team on (03) 9867 0131.
Contributions to this article from: Deloitte, Corne Mare, CSO online, AustCyber, Industry Today, Incibe-cert, Greenlight ITC & CIO