12 November 2013
Australian organizations are facing increasingly demanding challenges, with the risk of cyber attack rising by 250% since 2010 , warned BSI today.
In an address delivered in Sydney, Mr Howard Kerr, Chief Executive of BSI, warns of the increasing prevalence and complexity of the threats to cyber security.
“Organizations that don’t effectively address the risks and possibility of cyber attack, whether malicious or unintentional, do so at their peril,” cautioned Mr Kerr.
“The changing face of technology has brought great benefits to the work environment and transformed how we work, store and access data,” he explained, “Yet in stark contrast has exposed the majority of organizations to the potential for attack.”
Threats to an organizations cyber security present a critical challenge in terms of scale, complexity and impact – with business assets such as corporate and customers data, intellectual property and brand reputation at risk,” he explained.
Cyber attacks have cost Australia over $1 billion in the past year and affected five million people.
Organizations are facing renewed vulnerability with technology pervading every aspect of their operations.
The volumes of business data being managed are doubling every 1-2 years and putting a strain on IT infrastructure and cloud computing has seen strong growth recently with large amounts of commercially sensitive information being stored outside of the corporate perimeter.
Driven by the business benefits they bring, more flexible ways of working are becoming increasingly popular yet paradoxically creating new security challenges.
Outsourcing, mobile working and BYOD (as opposed to company-issued devices) has risen exponentially over the past few years yet almost a quarter of organizations having experienced a serious security incident due to the connection of a personal device onto their network .
“All of these developments are making information security increasingly difficult to manage with threats are growing in sophistication and impact and greater penalties being imposed by regulators for breaches and the risks associated with reputational damage,” continued Mr Kerr.
“The scale of the problem remains unquantifiable: not only are Governments and their supply chains being attacked,” he explained, “but the magnitude of the problem remains an unknown.
Governments are attempting to address the risks with the UK, US EC and Australian Governments implementing strategies. But, as Mr Kerr stressed, no one can afford to be complacent and it’s imperative that their practices are in line with today’s business environment to protect their assets and reputation.
The 2013 revision by BSI of the internationally recognised standard, ISO 27001 Information Security, combined with the launch of Star Certification for cloud security providers represents a comprehensive outcomes-based approach to ensure enterprise confidence in addressing cyber security. ISO 27001 is one of the fastest growing management systems globally and the revision of the standard and will enable businesses of all sizes and sectors to address the cyber security threat.
“The challenges currently faced are quite phenomenal and with the introduction of the cloud, these issues potentially impact the whole supply chain,” concluded Mr Kerr.