Senior executives and boards must consider cyber security risks more regularly

The Government has released a comprehensive cyber security survey of Australian government and major businesses of national significance, published by the Australian Cyber Security Centre.

The 2016 Australian Cyber Security Centre Survey reinforces understanding of the unrelenting and increasingly sophisticated cyber threat that organisations face every day. It confirms that many Australian organisations – 90 per cent of those surveyed – are experiencing some form of attempted or successful cyber security compromise, and that some are being targeted up to hundreds of times per day.

Importantly, the survey demonstrates a high level of ability of organisations to prepare for and recover from cyber threats, but the continually changing threat environment means more needs to be done to prepare, adapt and detect potentially malicious activity.

Key findings from the survey include:

  • the need for senior executives and boards to be considering cyber security risks more regularly – and not just when there is an incident to manage
  • the need to improve our understanding of the factors that can increase cyber security risk
  • the need to better understand the value of the data and systems we are trying to protect
  • the need for cyber security plans to consider whole of business operations and impacts as well as be regularly reviewed and exercised to ensure they remain relevant and effective.

The survey provides a benchmark for future reporting and will be an important document to help the Australian Cyber Security Centre ensure its advice continues to meet requirements, as well as deepen understanding of the pressures industry and government face in cyberspace.

A copy of the 2016 Australian Cyber Security Centre Survey is available on the Australian Cyber Security Centre website.