Despite the overall resilience, there are still a number of significant challenges that suggest organisations could do more to prepare for and adapt to continually changing cyber threats.
For example, 71 per cent of organisations report having a cyber security incident response plan in place compared with 60 per cent in the 2015 ACSC Cyber Security Survey of Major Australian Businesses.
But more can be done, according to the ACSC, which is tasked with bringing cyber security capabilities from across the Australian Government together into a single location.
The focus now, according to the ACSC, needs to be on ensuring that incident response plans remain relevant.
According to the survey, of all organisations that have incident response plans, 45 per cent regularly review and exercise these plans, 15 per cent either never test the plan or test it on an ad hoc basis, and 24 per cent test it less than once a year.
“As the threat environment continually evolves — with new software, tools, technologies and techniques constantly released — these plans must be regularly reviewed and updated in order to remain effective,” the report stated.
“When weighing investment in cyber security against other business needs, senior management need to consider the overall level of cyber risk, their organisation’s exposure to such risks, and the potential whole-of-business cost that could be incurred if a serious cyber incident were to occur on their network.
“The costs of compromise are almost certainly more expensive than preventative measures,” it said.
The release of the ACSC survey report comes as the government marks the first anniversary of the launch of its Cyber Security Strategy, aimed at increasing the awareness of, and helping to mitigate, cyber security threats among organisations in Australia.
The report comes just weeks after the ACSC warned that Australian managed service providers (MSPs) are among those that have been targeted by a cyber threat actor thought to be based in China, known as APT10.
The ACSC issued a warning to local enterprises on 4 April, encouraging Australian companies that engage MSPs to speak to their respective providers about the potential risks arising from the global threat.
The ACSC has also called on local MSPs to make sure their clients have not been affected by the global cyber espionage campaign.
“We have strongly encouraged affected Managed Service Providers to identify whether any of their clients have been compromised and work closely with them,” the ACSC said at the time.