Project Showcase 15 November 2019 Introductory remarks by OCSC - - PowerPoint PPT Presentation

Project Showcase 15 November 2019

Introductory remarks by OCSC Chairman Cameron Boardman

The Threat and Global Trends

• 34% of all cyber attacks involved internal actors
• 43% of the breaches involved small business victims, 16% were of public sector entities, 15% in Healthcare, and 10% of financial services

entities

• 23% involved nation-state or affiliated actors
• Only 71% were financially motivated while 25% were espionage
• 56% took months to discover#
• Information theft is the most expensive and fastest rising consequence of cybercrime—but data is not the only target. Core systems, such as

industrial control systems, are being hacked in a powerful move to disrupt and destroy

• Cybercriminals are adapting their attack methods. They are using the human layer—the weakest link—as a path to attacks, through

increased phishing and malicious insiders. Other techniques, such as those employed by nation-state attacks to target commercial businesses, are changing the nature of recovery, with insurance companies trying to classify cyberattacks as an “act of war” issue

• Cyberattackers have slowly shifted their attack patterns to exploit third and fourth-party supply chain partner environments to gain entry to

target systems—including industries with mature cybersecurity standards, frameworks, and regulations

• The global average total cost of cybercrime for each compromised company increased from US$11.7 million in 2017 to a new high of

US$13.0 million—a rise of 12 percent*

#2019 Data Breach Investigations Report from Verizon * The ninth annual cost of cybercrime study is from accenturesecurity and conducted by the Ponemon Institute

Australian situation

Notifiable Data Breaches Scheme 12-month insights report

Notifiable Data Breaches Scheme 12-month insights report

Notifiable Data Breaches Scheme 12-month insights report

Department of Home Affairs

Cyber security is important for Australia’s national security, innovation, and prosperity. We need to keep our information safe, working as a nation to secure our networks and systems.

The Oceania Cyber Security Centre

Attaining Collaboration for Complex Solutions and Innovation

• Linking industry with research experts to solve problems
• Anticipating future problems and identifying solutions
• Developing best in class processes to improve preparedness

and responses to cyber threats

Cyber Maturity Model (CMM)

The CMM considers national cybersecurity to include 5 dimensions: 1. Cybersecurity Policy and Strategy 2. Cyber Culture and Society 3. Cybersecurity Education, Training and Skills 4. Legal and Regulatory Frameworks 5. Standards, Organisations, and Technologies

A CMM review is an important first step to strengthening a nation's cyber security posture. Understanding where the gaps are is critical to lessening the ability of bad actors or cyber criminals to attack a nation, its peoples and their allies.

CMM Program

• The CMM has been deployed to more than 80 countries across the globe by

the GCSCC and partners, with the OCSC as THE partner for the region.

• 5 CMMs conducted so far:
• Samoa
• Tonga
• Vanuatu
• PNG
• Kiribati

CMM Outcome

In our digitally interconnected world, cybersecurity is everyone’s

• problem. The CMM review is the first step towards strengthening a

country’s cybersecurity capacity. We don’t deliver the report and

• leave. We are committed to working together with countries and

the community to build capacity and strengthen cybersecurity in the region.