At the start of this month we gathered a group of our clients together to discuss the key building blocks of cyber resilience. The catalyst was the impending arrival in February 2018 in Australia of the mandatory data breach disclosure laws and how to be ready to respond. Similar laws in place in the UK and Europe later in the year. In the retail world much of the cyber focus in Australia has been on the likely entry of Amazon - resilience has taken a back seat beyond defending against competitive disruption. Much more needs to be considered.
In the same AFR supplement they quote the Australian Defence Directorate's Essential Eight essentially recommends not so much additional layers of technology just modernisation and patches. There is not time in this posting to develop the thoughts further but I am seeing the role of serious digital transformation underrated as a growth and expansion response to ensuring cyber resilience.
A cyber incident at your workplace then is not an if, but a when.And when it happens, the cost can be measured in a lot more than red faces – according to the latest ACS Australia's Digital Pulse 2017 report, the average cost of a cyberattack to an Australian business is around $419,000, up from $276,000 two years earlier.Cyber resilience, then, is now a critical business process. It is the practice of being prepared. Having policies and procedures in place to deal with the inevitable breach as well as clear steps on how to minimise the impact, mitigate consequences, and getting the business back online. The calibre of your organisation will be measured by how it responds.