IAC on Cyber Security publishes annual report

The federal government’s Industry Advisory Committee on Cyber Security has made a number of recommendations aimed at helping further improve Australia’s cybersecurity posture in the financial year ahead.

The committee’s first annual report was launched at the National Press Club by IAC Chair and Telstra CEO Andy Penn.

In a blog post, Penn said a major focus of the new recommendations is safeguarding against supply chain attacks.

“All supply chains are important but perhaps none more so currently than the COVID vaccine supply chain. Telstra has been working with government to monitor Australia’s vaccine supply chains for threats, a crucial precaution given the criticality of our vaccine program,” he said.

Another key focus is ransomware attacks, which Penn said are only expected to increase as hackers branch out and recruit more would-be criminals to their cause with cybercrime-as-a-service products.

“Recovering from one of these attacks isn’t cheap: experts estimate the average total cost of recovery for businesses has grown to more than $2 million an attack,” he said.

“One classic hacking technique, known as “business email compromise”, is [also] worth calling out because it is no longer exclusively targeting businesses and everyone at home who makes online payments could now be at risk.”

The report recommends that the government focus on priority areas including cybersecurity awareness training, workplace readiness, as well as evaluation and measuring cybersecurity maturity.

Other focus areas should be the use of cryptocurrency in ransomware attacks, the Australian Cyber Security Centre’s Joint Cyber Security Centres, and Australia’s International Cyber and Critical Technology Engagement Strategy.

Minister for Home Affairs Karen Andrews said the committee’s advice is helping to guide the implementation of the government’s $1.67 billion Cyber Security Strategy.

“The report supports the government’s continued effort to increase Australia’s cybersecurity across the economy, further supporting the Digital Economy Strategy announced by the Prime Minister in May 2021,” she said.

“Our first priority has been to protect critical infrastructure and systems of national significance, with that legislation now before the parliament.”

Image credit: ©stock.adobe.com/au/Valerybrozhinsky