Why is cybersecurity important?

Asking the question Why is Cybersecurity Important may seem unusual to many people, particularly Cybersecurity professionals, company directors, lawyers, or other professionals deeply immersed in the field of Cybersecurity. Yet, “Why is Cybersecurity Important” is the most commonly Googled question about Cybersecurity in Australia. So, what is the answer? As with many questions, that depends on who is asking…. This blog will dive into the question and to provide insights and actionable strategies to address Cybersecurity in your organisation.

As a student of Cybersecurity at University, I would have probably responded that Cybersecurity is important to protect the Confidentiality, Integrity and Availability of information stored on computer systems. For many people, that remains the CIA triad remains the guiding model in Cybersecurity, as any comprehensive Cybersecurity strategy will include policies and security controls to minimise threats to each of these three crucial components.

ChatGPT informed me that Cybersecurity is important for several reasons, irrespective of geographical location or language preference, and then continued in true ChatGPT style to list 10 reasons, before summarising that cybersecurity is essential for protecting sensitive information, preventing financial loss, maintaining trust, ensuring national security, and supporting overall digital resilience in an increasingly connected world.

The importance of Cyber Security according to the ASD Cyber Threat Report

The recently published Australian Signals Directorate (ASD) Cyber Threat Report 2022-2023, underscores the significance of Cybersecurity. In the post-Second World War period Australia was largely protected by its geographical isolation and the limited ability of other nations in the region to exert military influence. However, in the present strategic landscape, Australia’s geographic advantages have been eroded as more countries have enhanced their ability to project combat power across greater ranges, notably through the rapid development of cyber capabilities. Against this backdrop, malicious cyber actors persistently target Australian governments, critical infrastructure, businesses and households. Throughout the reporting year, ASD responded to over 1,100 cyber security incidents from Australian entities, and nearly 94,000 reports were made to law enforcement – around one report every 6 minutes.

Australian Cyber Security Strategy

The Australian Government certainly understands the question Why is Cybersecurity Important. The 2023–2030 Australian Cyber Security Strategy released this week described Cybersecurity as an urgent national problem.

“Cybersecurity touches the lives of every Australian. Over the past 18 months, millions of Australians have been affected by devastating cyber incidents. On average, one cybercrime is reported every 6 minutes, with ransomware alone causing up to $3 billion in damages to the Australian economy every year. And, we have good reasons to believe that the threat is going to continue to grow.”

The Hon Clare O’Neil MP Minister for Home Affairs, Minister for Cyber Security

The primary objective of the Australian Cyber Security Strategy is to ensure that Australian citizens and businesses are better protected from cyber threats, and can bounce back quickly following a cyber-attack. At the top of the list of how this will be achieved is to ensure small and medium businesses strengthen their Cybersecurity. Almost 93% of Australian businesses have an annual turnover of less than $2 million. Small and medium businesses play a vital role in the Australian economy, contributing more than $500 billion3 to annual gross domestic product and employing around 43% of the private sector labour market. Yet average (self-reported) losses due to Cybercrime attacks for small businesses grew to $45,965 and $97,203 for medium businesses.

Trust

Reflecting on all of these, we consider that the question of Why is Cybersecurity Important can be effectively answered in 1 word: “Trust”. Australian organisations have been in the news over the last year for high profile Cybersecurity breaches which have resulted in significant quantities of sensitive business and customer data being released onto the dark web.

Do we still trust those organisations in the same way we did prior to the breaches? We would suggest that the answer is “no”. Trust and reputation are key, particularly in competitive markets where there are many alternatives for customers. Using Optus as an example, their experience late last year of a substantial cybersecurity breach, resulting in the exposure of customer personal information on the Dark Web, has intensified both customer and government criticism following last month’s major system outage. This situation has provided an opportunity for their key competitors, especially Telstra, to tailor their marketing campaigns to highlight the erosion of trust and capitalise on increasing customer churn from Optus. While Optus is expected to weather the storm, for smaller organisations, a major cybersecurity incident and the consequent loss of trust can pose an existential threat.

So, if you are an owner or senior manager in a SME, what should you be doing to address the question of Why is Cybersecurity Important? The Australian Cyber Security Strategy places significant emphasis on improving your organisation’s Cyber Hygiene. This involves understanding your organisation’s Cybersecurity maturity and taking steps to address key vulnerabilities.

It’s important to note that, in most cases, this enhancement in Cybersecurity can be achieved by optimising People and Process factors, without the immediate need for investment in new technologies. Additionally, unlike many Cybersecurity Service Providers, CyBiz remains technology-agnostic and refrains from selling cybersecurity technologies. This assurance ensures that all recommendations stemming from a CyBiz Cybersecurity Hygiene Assessment are solely aimed at enhancing your organisation’s cyber maturity and resilience.

Cybersecurity Hygiene Assessment

Engaging in a CyBiz Cybersecurity Hygiene Assessment offers your organisation valuable insights into its current Cybersecurity posture, enabling the identification and mitigation of vulnerabilities. This proactive approach allows for the implementation of targeted and effective measures to safeguard against cyber threats. Choosing to invest in preventive measures through this assessment is more cost-effective than grappling with the aftermath of a cyber-attack, which can result in substantial financial losses, legal liabilities, reputational damage, and customer loss.

Contact CyBiz to discuss how we can support your organisation increase its focus on Cybersecurity to reduce the risk and impact of a critical cyber incident.