IT Brief Australia logo
Technology news for Australia's largest enterprises
Story image

Should the Government regulate cybersecurity?

Fri 13 May 2016
FYI, this story is more than a year old

By Jon McGettigan, Fortinet senior director ANZ and South Pacific Islands

It has been famously said that, “the wheels of justice turn slowly.” That’s partly because the process most governments use when creating regulations and laws encourages debate, the careful examination of all sides of an issue, and the development of bartered consensus between groups with differing needs and opinions. In the modern era, this model has been very successful at promoting economic success while balancing personal freedom with social accountability.

This model is less effective, however, when it comes to regulating highly dynamic issues like cybersecurity. Networks, devices, applications, and services are changing at an exponential rate. Users and organisations are wrestling with threats on devices that didn’t even exist 18 months ago. So trying to codify cybersecurity regulations can be a lot like trying to paint a racecar as it zips around the track.

Which is why Australia is trying something new. Prime Minister Malcolm Turnbull last week announced a new $230 million cyber security strategy. Based on a year-long study of the industry, it focuses on closer collaboration between government, business, and individuals. It is comprised of three objectives:

1.  Making Australians aware of cyber risks, and helping them secure their computers and take steps to protect their identities, privacy, and finances online

2.  Helping Australian businesses operate secure and resilient information and communications technologies to protect the integrity of their own operations and the identity and privacy of their customers

3.  Ensuring that Australian Government information and communications are secure and resilient

As a key component of Objective Two, the Australian federal government will offer cyber security 'health checks' to Australia's top-100 ASX-listed companies. It is also hoping to set up voluntary guidelines "co-designed with the private sector" to help organisations improve their cyber security resilience.

The announcement has received mixed reviews from industry experts. Some feel that the inherent risk of cybercrime and the costs of a public breach, combined with the desire to offset risk with new tools such as cyber insurance, will naturally drive organisations to create and adopt more aggressive cybersecurity standards.

Others are more sceptical. Most notably, this new strategy omits the mandatory reporting of security breaches, something required in places like the US and Europe. And some feel that without specific regulations, many organisations will delay critical security upgrades.

They cite that many organisations are already aware of the risks, and still have substandard security implementations. Many are specifically concerned about those organisations that manage critical infrastructure, or where a cyber attack could put Australian citizens at risk, either financially or physically.

And this is where it gets tricky. Make regulations too specific, and the evolution of the technology will quickly outpace requirements. Make them too generic, and their ambiguity dilutes their effectiveness. And one size fits all standards are hard to impose across the entire spectrum of businesses. So what do we do?

Fortunately, there are models that have been pretty effective. The Payment Card Industry Data Security Standard (PCI-DSS), for example, targets a very specific business activity: the processing of credit card transactions. It has been globally adopted, the requirements are straightforward, and the penalties are severe enough to ensure compliance. 

Other standards are designed to protect the privacy of individuals. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the US regulates the use and disclosure of protected health information. Many countries have adopted similar regulations designed to protect individual personally identifiable information (PII).

Other regulations have adopted a strategy of holding corporate board members personally liable if a breach occurs in a publicly traded company and it is shown that the company failed to implement adequate security based on best practices in their industry.

Nothing motivates action or frees up budget quite like personal liability.

Regardless of the outcome of Australia’s new cybersecurity strategy, we can all agree on a few things:

1. There is a huge, and growing, security skills shortage, which makes planning, designing, implementing, and optimising a security strategy increasingly difficult for many organisations.

2. Networks are becoming increasingly complex. It is not uncommon for organisations to have siloed security solutions from dozens of security vendors plugged in across their networks. This is not a strategy that can scale effectively for long.

3. A second set of eyes on your security environment, which includes things like an architectural review, penetration testing, and consulting services which help you clearly identify and prioritise a “get well” security strategy, are almost always far less expensive than a critical breach.

By Jon McGettigan, Fortinet senior director ANZ and South Pacific Islands

Related stories
Top stories
Story image
LG Electronics
LG Electronics brings on Aussie AV distributor Alloys
LG Electronics Australia Business Solutions has appointed Australian AV distributor Alloys as a new distribution partner.
Story image
Energy
Sustainability huge factor for APAC data centre managers
A new report reveals that 85% of data centre managers in APAC believe that sustainability will significantly impact operations and decision making.
Story image
Pegasystems
Marketing technologies set to increase revenues - study
Marketing leaders say that investment in new marketing technologies (MarTech) will drive significantly increased revenues.
Story image
Equinix
Aussie businesses buckle down on digital tech investments
Australian businesses are planning major investments in digital technologies to support ambitious expansion plans.
Story image
Telecommunications
WiFi as a Service market to reach $26 billion through 2032
As a result of the easy management of wireless infrastructure over cloud services, WaaS is experiencing rapid growth.
Story image
Collaboration
Enterprise service management: the importance of a one-stop shop
In an online world, employees and end-users want one place to go for all their questions and requests. Intranet technology and self-service portals are useful tools that help serve this purpose.
Story image
Apple
Jamf introduces new content filtering solution for education providers
Jamf has announced the launch of Jamf Safe Internet, a new offering that looks to deliver a safe online experience to students while offering better management options for admins.
Story image
Infrastructure
Video: 10 Minute IT Jams - An update from Paessler
Sebastian Krüger joins us today to discuss how unified infrastructure monitoring enables MSPs to seamlessly deliver services to their clients.
Productivity
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Accounting
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Cybersecurity
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
Sustainability
Honeywell named Frankston facility services provider
Honeywell has been named the joint facility services provider for Frankston Hospital’s AU$1.1 billion redevelopment.
PwC
PwC's Consulting Business and PwC's Indigenous Consulting are proud to play an important role in helping Australian Indigenous Mentoring Experience build IMAGI-NATION, a free online university for marginalised communities around the world.
Link image
Story image
Samsung
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
Wiise
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Artificial Intelligence
Dynatrace extends automatic release validation capabilities
Dynatrace has extended its platform release validation capabilities to improve user experience at every stage of the software development lifecycle.
Story image
Digital Transformation
Munro Footwear Group chooses Boomi to assist with digitisation strategy
Munro Footwear Group (MFG) has selected Boomi to assist with its eCommerce and digital transformation roadmap goals.
Story image
Solutions
Progress launches latest version of network visibility solution
In Flowmon 12 network solution, Progress has expanded its support for public cloud provider flow log monitoring and launched new features.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why it's time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
SaaS
Ping Identity appoints Deloitte Australia as a partner
Ping Identity has appointed Deloitte Australia as a Consulting Technology Partner, uniting its offerings with the company's consulting services.
Story image
Capital
Rubber Monkey gears up for Aussie market with latest capital raise
Rubber Monkey is seeking to raise up to NZ$2.5 million of new capital through online investment platform, Snowball Effect.
Story image
Amazon
What brands can expect from Amazon Prime Day in Australia
Amazon Prime Day is the annual two-day shopping event, kicking off this year from July 12-13 and is the global online shopping platform's biggest sales event. 
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
PwC
WSLHD and PwC’s Consulting Business came together to solve through the challenges of COVID-19. A model of care was developed to the NSW Health Agency for Clinical Innovation guidelines with new technology platforms and an entirely new workforce.
Link image
Story image
Metaverse
How the metaverse will change the future of the supply chain
The metaverse is set to significantly change the way we live and work, so what problems can it solve in supply chain management?
Story image
Document Management
NZ's FileInvite raises $10M in latest investment round
FileInvite has raised $10 million in Series A investment to fast-forward the extinction of email for requesting and collecting documents online.
Story image
Cybersecurity
Delinea’s Joseph Carson recognised with OnCon Icon Award
Delinea chief security scientist and advisory CISO Joseph Carson has been recognised as a Top 50 Information Security Professional in the 2022 OnCon Icon Awards.
Story image
Ransomware
Examining the future of ransomware threats with Vectra’s CTO
As customers' valuable data move to the cloud, so will ransomware. What is the current landscape and what do we need to know?
Story image
Artificial Intelligence
Eight top DevSecOps trends to support IT innovation in 2022
The use of DevSecOps practices is growing, as it is increasingly seen as the best way to produce high-quality and secure code. So what are the current trends?
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Document Management
Regaining digital trust and enhancing digitisation in Australian Government agencies
Having a digitised ecosystem of documents, tools and data can help bolster security, improve workflow and ultimately create better services.
Story image
Airwallex
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
Story image
Storage
EXCLUSIVE: Finding the best data center for your business needs with datacenterHawk
Companies using cloud are consistently looking for the best storage solutions to suit their enterprise needs and often have to go through rather complex processes in order to find the right fit.
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
Media
Registrations for the W.Media Sydney Cloud and Datacenter Convention 2022 now open
Are you a C-Level executive looking to enhance your knowledge in the cloud and data center space in order to get the best results for your company?
Story image
ABI Research
NaaS market expected to reach $150B by 2030 - research
"The market is immature and fragmented, but telco market revenue will exceed US$75 billion by 2030 if they act now and transform to align with requirements."
Story image
CSG
To win at 5G, telcos must tame their quoting chaos
The catalogs of CSP (communication service providers) market offerings are set to explode as new digital services emerge, powered by B2B2X business models.
Story image
Microsoft
Elders signs five-year agreement with Microsoft to boost innovation
Australian agribusiness Elders has signed a five-year agreement with Microsoft that looks to transform its customer experience, efficiency and sustainability outcomes.
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
AGVs
Bridgestone Australia uses Dematic's AGVs to optimise warehouse operations
Bridgestone Australia has deployed Dematic's Automated Guided Vehicle solution across its new Melbourne warehouse in Truganina.
Story image
ASI Solutions
Western Australia CUA panel picks ASI as preferred supplier
Western Australia's Common User Arrangement (CUA) panel has chosen ASI Solutions as a preferred supplier for device hardware.
Story image
Cybersecurity
Without trust, your security team is dead in the water
The rise of cyberattacks has increased the need for sound security that works across any type of business, but with any change, buy-in is essential. Airwallex explains why.