Since Australia’s 2013 National Plan to Combat Cybercrime was published, the cybersecurity landscape has changed drastically. As technology becomes more integrated with professional and personal life, there is nearly limitless opportunity for cybercriminals to exploit people, businesses, and governmental organisations. As cybercriminals become more sophisticated in their methods, the consequences become more detrimental as well. Without a full-scale effort to combat the threat, we can only expect this trend to continue.
As a result, the government has established a partnership between the federal government, state governments, and territory governments to address and prevent the threat of cybercrime and data breaches. Most efforts address the role played by the public and private sectors in cybersecurity and the complimentary roles played by society as a whole.
What Is Cybercrime?
Cybercrime describes all forms of crime that involve a computer or network of computers. Common cybercrimes include online fraud, identity theft, denial of service attacks, and data breaches. Cybercriminals are typically anonymous groups or individuals who exploit networks, devices, and people to carry out their crimes. They use a variety of methods to steal valuable data from individuals and businesses, including stealing bank details, selling stolen data, and identity fraud.
Cybercriminals are constantly sourcing new ways to carry out their crimes, including responding to changing security environments and new internet legislation.
Australian Cybercrime Fundamentals
The Australian government routinely passes new laws or measures to confront the ever-changing threat.
Most notably has been the formation of REDSPICE, the most significant single investment in the Australian Signals Directorate’s 75 years. It was formed for the purpose of responding to the deteriorating strategic circumstances in our region. REDSPICE and other measures make it clear that the Australian government is fully invested in improving the current security landscape.
Let’s review some additional recent measures and how they affect business leaders:
- Surveillance Legislation Amendment Bill (LAID Act) which enables the AFP and ACIC to enhance their ability to seek out, target, investigate and disrupt severe criminal activity online. This suggests heavier government involvement in preventing cybercrime in the public and private sectors.
- Working with the private sector to protect our community from malicious SMS by enacting regulations to give the public the confidence in providing relevant information that helps to detect and block such threats.
- Operation Orcus Taskforce: a special organisation established by the Australian Federal Police. This unit is tasked with tackling the rising threat of ransomware in Australia and overseas marketplaces. This is good news for large Australian corporations, who face severe consequences in the event of a ransomware attack.
- The Federal government invested more than AU$1.67 billion from 2011 to 2020 to develop cyber defences. This expanded budget will help provide more monetary resources to identify and prevent cyber threats.
- Establishing ReportCyber to provide community members the ability to report cybercrimes to law enforcement. This higher degree of vigilance can help alleviate the threat to businesses and individuals.
What does this legislation mean for business leaders? Essentially, the Australian government has set an expectation and precedent that national and local governments as well as corporate leaders must come together to reduce the threat of data breaches. This is good news for organisations. However, it is clear that the government will require participation from organisations and citizens to make these strategies work. I expect that over the next several years, the government will pass more legislation that puts an onus on business leaders to keep their people and sensitive data safe. This will likely make corporate cyber awareness a non-negotiable.
The Future of Cybercrime in Australia
Based on the current trend, it is clear that the Australian government will continue with their multifaceted strategy to minimise the frequency and consequences of attacks. Thus far, we’ve seen the government diversify their approach, such as encouraging a tax incentive to small businesses that implement cyber awareness training. I believe we will continue to see emphasis on better awareness and training, greater cooperation with partners, more engagement with the private sector, and more investment in crucial cybersecurity capabilities.
Cybersecurity awareness training is a crucial aspect of a multifaceted approach. Proactive training and awareness supports widespread cyber resilience so that Australian individuals and businesses can better understand the dangers of cybercrime and ways they can secure themselves. As business leaders, it is critical that you participate in these initiatives led by the Australian government in order to minimise the impacts of cybercrime for your own business as well as for the country in the future.
PhishNet delivers highly effective, engaging and affordable cybersecurity training that empowers staff to reduce an organisation’s risk.
Talk to PhishNet today to learn more or check out our free Risk Assessment.