Cybercrime is the biggest threat to Australia and some of our defences will fail, says government’s top cyber official

The greatest existential threat to the Australian economy is cybercrime, according to Alastair MacGibbon, the man charged with leading the federal government’s cybersecurity strategy. The cyber defences designed to protect us will inevitably fail, he said.

MacGibbon, the National Cyber Security Adviser at the Department of Home Affairs and concurrently Head of the Australian Cyber Security Centre, part of the Australian Signals Directorate, was speaking at the McAfee MPower event in Sydney today. He said the conversation and language around cybersecurity in Australia needed to change, as the threat and attack profile grow more complex every year.

“Cybersecurity [failure] is the greatest existential threat facing the Australian economy and Australian society … amongst a range of others — I’m no climate change denier,” MacGibbon said.

“But I am going to say that cybersecurity failure could be pretty catastrophic for us.”

“In complex systems, that are doing complex things with complex people, that risk will be realised. And sometimes it will be realised in ways that we were able to predict and prevent. Other times it will be realised in ways that maybe we could have predicted but it was outside the scope of our thinking.”

Some of the defences designed to prevent the cybercrime will fail, MacGibbon said. That is the nature of cybersecurity, although not always widely understood.

Research from McAfee released at the event found there was a considerable disconnect between the expectations and language of cybersecurity leaders and their C-suite peers. MacGibbon said the the findings are not surprising and the industry was mostly to blame.

“I’m going to blame IT security professionals here … I don’t think we’ve actually done a great job at saying what cybersecurity delivers. I think for a long time we’ve sheeted it home as a technology issue.”

Failure inevitable

According to MacGibbon, no cyber defences can categorically prevent attacks. Instead, cybersecurity should be seen as an enabler and risk mitigator.

“In complex systems, that are doing complex things with complex people, that risk will be realised. And sometimes it will be realised in ways that we were able to predict and prevent. Other times it will be realised in ways that maybe we could have predicted but it was outside the scope of our thinking.”

More: https://which-50.com/cybersecurity

Mais do que uma solução tecnológica, somos uma decisão estratégica para as organizações.

Nossa missão é redefinir a relação das empresas com a cibersegurança e a experiência dos usuários no processo de autenticação e acesso a ativos tecnológicos.