CIO upfront: Cybersecurity as an enterprise-wide business risk
- 30 November, 2017 07:00
With a new Government committed to digital inclusion and growing the technology sector's contribution to GDP, Cyber Smart Week is a timely opportunity to reflect on the risks associated with our ever-increasing reliance on digital technologies and the importance of being properly prepared.
Cybercrime globally has been described as being at "another level" over the last 12 months by Europol, who reference ransomware attacks such as 'WannaCry' that indiscriminately affected millions of victims worldwide, and in addition to ransomware attacks, botnets, data breaches, attacks on bank networks and payment fraud, which have also all been significant features of 2017.
The rise of artificial intelligence and machine learning is helping cyber criminals to launch more sophisticated attacks, more quickly, than ever before. The recent explosion of cryptocurrencies has facilitated the anonymous funding of these criminal activities with cybercrime-as-a-service and other organised cybercrime on the rise globally. New Zealand has not been immune from attack and, in the digital world, our relative obscurity has not proved a reliable means of security.
Global regulatory trends in cybercrime, data protection and cyber security offer more comprehensive regulatory regimes, increasingly rigorous compliance obligations and steeper penalties for breaches
According to Internet NZ, there are potentially $34 billion in productivity savings to be made if the internet were to be used more efficiently. As these potential savings drive adoption of cloud services and the digitisation of traditionally manual tasks, the quantity of personal and business data that will be accessible digitally and passed back and forth through millions of devices each day, is increasing exponentially.
Which brings us to the Internet of Things. This relative newcomer has quickly gone mainstream and poses a whole new challenge in cyber security preparedness. Information can now be accessed not just from public networks, but also private devices such as home automation systems, smartphones and cars. Studies are beginning to show that many of these interconnected devices have serious vulnerabilities, which could potentially provide backdoor access to connected systems.
Yet, emerging technologies are also helping the good guys as well and 2017 has been a year of new and innovative developments in the fight against cybercrime. Big data analytics, AI and machine learning are all helping identify and analyse threats more quickly and assisting us to be swifter in recognising, understanding and responding to new types of digital crime.
Netsafe's Re:scam service is even using chatbots to reply to scammers' emails and occupy their time so they don't have as much capacity to target real businesses and people.
Government initiatives such as CERT NZ are raising awareness, gathering data and identifying trends that will hopefully enable us to be more proactive in our efforts and more efficiently target our cyber security spend to key risk areas affecting New Zealand.
Global regulatory trends in data protection and cybersecurity offer more comprehensive regulatory regimes, increasingly rigorous compliance obligations and steeper penalties for breaches.
With the New Zealand Privacy Act under review and a new Government in support of a Digital Bill of Rights Act, it is likely New Zealand could follow suit sooner than later.
In this dynamic environment of constantly changing threats, ever-increasing digitisation and a global trend towards more stringent regulation, cybersecurity is no longer just a technology risk, it is an important enterprise-wide business risk both in New Zealand and throughout the world.
Send news tips and comments to email@example.com
Follow CIO New Zealand on Twitter: @cio_nz