Why is cybersecurity so important in 2021?

  • In 2021 there are diverse, and increasing, daily cybersecurity risks – ranging from computer viruses, malicious code, hackers, saboteurs, privacy and data breaches, identity theft, electronic crime to intellectual property fraud;

  • In 2020 INTERPOL reported that cybercrime has increased during the COVID-19 pandemic;

  • Diverse organisations have been the subject of highly disruptive and damaging cybersecurity attacks, some costing in the hundreds of millions of dollars;

  • In addition to cybercrime laws, multi-million dollar penalties can be imposed for failure to comply with Australia’s privacy and other cybersecurity laws such as mandatory data breach reporting requirements;

  • In 2020 ASIC commenced proceedings for the alleged breach of licence obligations under the Corporations Act 2001 (Cth) against an Australian financial services licence holder alleging a failure to have adequate cybersecurity systems following an earlier cyberattack;

  • The Australian Government’s $1.67 billion Cyber Security Strategy 2020 includes proposals over the next 10 years:

    • to enhance cybersecurity obligations (such as reviews, reporting, information provision and risk management requirements) for owners and operators of critical infrastructures; and

    • to extend the coverage of the existing Security of Critical Infrastructure Act 2018 (Cth) from four sectors (electricity, gas, water & ports) to a further eleven sectors (communications, financial services & markets, data storage or processing, defence industry, higher education & research, energy, food & grocery, health care & medical, space technology, transport and water & sewerage);

  • The most common cause of data breaches is human error (Australian Office of the Information Commissioner (AOIC)).

Is your organisation cybersecurity safe and cyber-risk aware?

To seek to ensure the cybersecurity of any organisation it needs to comply with cybersecurity laws and be effectively trained in international best practice in order to protect its assets and people.

Does your organisation:

1.      have an effective cybersecurity programme in place to prevent and/ or mitigate a cybersecurity event?

2.      know what to do if a cybersecurity event occurs?

3.      know what its cybersecurity obligations are, for example, if a data breach involving serious harm occurs?

4.      have a professionally-trained, cybersecurity and cyber-risk aware culture?

Professional assistance to address any of these questions and to provide training is available and should be sought, as appropriate.

Dr Nigel Wilson is an Australian lawyer and cybersecurity specialist with 28 years’ experience.  He is the author of Teaching Professionals and is a professional workplace trainer and educator for corporations, legal practices, governments, critical infrastructures and national judicial colleges on law, regulation, governance, cybersecurity, technology, insurance and risk.

Dr Nigel Wilson, Australis Chambers

LLB (Hons), BEc, BCL Oxford, Cybersecurity Harvard, PhD

wilson@australischambers.com                     www.australischambers.com     0413 807 585

Liability limited by a scheme approved under the Professional Standards Legislation

Nigel Wilson