
The flurry of news and noise around cyber security can be deafening. As business leaders, how do we stay current? Being up to date is vital to my role, and two recent Australian Government reports are worth your attention. If you missed, skimmed or forgot them, let me give you the 2-minute version.
In this pair of articles, I break the reports into bite-sized findings and share my view on where I see things heading and what you need to know and do as a director, senior executive or mid-sized business leader.
This first article looks at the Australian Government’s 2023–2030 Australian Cyber Security Strategy, and the second, How to lead your business through a cyber security crisis and bounce back, is based on the follow-up report Governing Through a Cyber Crisis.
Big picture: We’ve seen this movie before
Having spent a few decades in IT, the frenzy around cyber security reminds me of the rapid rise of other transformative technologies, such as e-commerce, social media, mobile, cloud computing and AI—all of which have fundamentally changed how we engage in business and life.
We’re seeing bad actors exploiting vulnerabilities, hypergrowth in new technologies, regulators playing catchup, and new entrants disrupting the status quo. At the same time, traditional players seek to extend their capabilities through a platform approach.
Fragmented solutions, technologies, vendors and regulations will predictably consolidate over the next few years as cyber security embeds itself into the fabric of normal business operations.
So, at this stage of the cycle, it is not about backing one winning technology; it’s more of a fundamental business challenge to establish a flexible path forward, one that balances the cost, risk and compliance equation along the way.
Before diving into specific actions for executives, board members and business owners, let’s consider the broader context.
Report: 2023–2030 Australian Cyber Security Strategy
Like many government strategies, the 2023–2030 Australian Cyber Security Strategy presents a 30,000-foot view, with many execution details postponed until later in the action plan. However, this report does demonstrate that the Government is serious about Australia becoming a global cyber security leader by 2030, backed by significant investment and regulatory support.
It starts by stressing the urgency of acting now, citing the many familiar stats about surging cyber attacks and geopolitical uncertainty. It also quotes research that shows Australians are demanding action on cyber security.
Beyond just mitigating the looming threat, it explains how Australia is uniquely placed to benefit from cyber security by taking the opportunity to become a global leader in the field, leveraging our strong foundation in legislation, research, education and our maturing tech sector.
The long-term solution is positioned as a collaboration between government, industry, business and the community. The strategy is built around creating 6 ‘cyber shields’ with specific initiatives and actions proposed for each shield to help build cyber resilience, minimise threats and recover from incidents.
According to the report, success will require a coordinated national effort:
In 2030, all Australians will benefit from a strong digital economy. We envision a future where every individual and business has the skills and resources they need to be cyber secure. Cyber is no longer a technical topic but a whole-of-nation effort.
In a nutshell:
- The Australian Government is serious about tackling cyber security and becoming a regional and world leader in cyber security.
- Significant investments, resources, legal frameworks and policies will be implemented in the years ahead, and industry and business will be asked to help lead the way.
- Business leaders will face increased accountability and transparency. New knowledge and skills will be required. Ignorance will not be a defence.
- With increased financial, legal, compliance and reputational risks, businesses will be required to take demonstrable action.
What’s the next step?
Like previous transformations, the cyber security wave is crashing over us whether we like it or not. Now is the time to understand the risks, impacts and solutions to protect your people, business, data, devices, and critical infrastructure.
To assist with that, in part two of this feature, we explain How to lead your business through a cyber security crisis and bounce back based on the Governing Through a Cyber Crisis report.
We’d be happy to chat if you have questions about these reports or would like to discuss your cyber security readiness or strategy.
Paul Edmondson is Head of Cyber Security Sales at Nexon Asia Pacific.
For more information, contact Nexon today.