Independent industry body says businesses should share how they deal with ransomware attacks
A new non-profit cybersecurity body wants companies hacked by ransomware gangs to share detailed reports on how they respond rather than keep their methods in commercial confidence.
Business
Don't miss out on the headlines from Business. Followed categories will be added to My News.
Australian companies are not learning from cyber breaches as attacked companies refuse to share critical information or their dealing with ransomware gangs, a new industry group says.
Most local dealings with cyber criminals are never publicised, leaving companies that find themselves in similar positions to make the same mistakes.
That’s the view of the Australian Cyber Network, a new non-profit organisation that is set to replace AustCyber and become an independent voice for the sector.
It was founded by former AustCyber staff Linda Cavanagh and Jason Murrell, who say industry will benefit from a new and improved industry voice, free of government ties, that is focused on growing the sector and sharing critical information.
Ms Cavanagh, pointing to two of Australia’s largest ever data breaches at listed private health insurer Medibank and the nation’s second-largest telco Optus, said Australia could have benefited from understanding how these companies dealt with the breaches in detail.
“There’s just no ability to be able to understand because it’s put in … commercial and confidence,” she said. “Those are the sorts of things that as an industry we need to make sure that we are raising with the government.”
Mr Murrell added: “With cybersecurity, to fix things you need to know what’s going on quickly … you can’t wait for an inquiry, that happens a year down the track or two years down the track to find out what happened with Optus.”
ACN, launched on Wednesday, has several priorities for Australia’s growing cybersecurity sector, that since 2017 has grown to include more than 120,000 professionals and 300 dedicated cybersecurity businesses.
The network was able to inherit some of AustCyber’s assets including company marketplace CyberScape and AUCyberExplorer which monitors the cybersecurity workforce.
It would also produce an annual sector competitive plan mapping the industry’s maturity against the federal government’s 2030 Cyber Strategy
Ms Cavanagh said while AustCyber had been developed to help build the nation’s cyber industry, ACN’s main mission was to grow it. That included ensuring local start-ups could compete against established global cybersecurity vendors.
Another priority was to push the government and major Australian companies toward shopping locally for security services.
Mr Murrell said often just a handful of players were providing services for major Australian companies, pointing to the CrowdStrike outage in July which took down hundreds of local businesses and was estimated to have a financial impact north of $1bn.
Having governments shop locally would ensure smaller Australian cybersecurity players and start-ups had capital to put into research and development, he said.
ACN arrives at a time where data breaches appear to have dropped but Mr Murrell said it was likely a symptom of the underreporting of attacks. “Maybe only one in every four people who are being attacked are actually reporting that so the numbers could be slightly skewed,” he said.
Originally published as Independent industry body says businesses should share how they deal with ransomware attacks
$300m residential project launched
Leading property developer Walker Corporation has submitted a DA for a $300m twin tower apartment project in Australia’s largest greenfield CBD.
Spicetown introduced to Sydney’s Little Italy
The creators of Burwood Chinatown have redeveloped the old Leichhardt Hotel, transforming the old venue which has been shut for eight years into an Asian-themed food precinct.