2019 was an eventful year in the Australian cyber security landscape. The security industry saw an increase in government and private industry collaborations, with the 2020 security strategy announced. There was also a large amount of alarming security breaches and incidents spanning across industries and government agencies, which emphasised the importance of investing in cyber security.

New standards were introduced for APRA-regulated industries with the introduction of Prudential Standard CPS 234 on the 1st of July. This new standard aims to provide stricter reporting requirements around security incidents, consistent information security framework maintenance, and overall, assist with bolstering security resilience.

According to a report by Trend Micro, a 77 percent surge in ransomware attacks was reported during the first half of 2019, with researchers identifying WannaCry as the most common type of ransomware. According to new security research conducted by Datto, Australia and New Zealand’s small-to-medium sized enterprises now hold the highest rate of reported ransomware attacks globally. 91 percent of subject matter experts have reported an attack in the last two years compared to a global average of 85 percent. The Victorian healthcare industry was severely disrupted by ransomware attacks with major regional hospitals and medical centres being hit and surgeries delayed as a consequence.

Some shocking data breaches occurred during 2019, with millions of people in Australia having their information leaked publicly through a variety of data breaches. Some notable breaches include the ‘Collection #1’ breach, featuring 772 million records from multiple, different sources. Others included breaches from the Australian National University, payID, My Health Record, Puma, Canva and Symantec, just to name a few. Between April 1st and June 30th alone there were 245 notifications of breaches under the notifiable data breach scheme, with 62% being malicious or criminal attacks. A signification portion of 34% was also attributed to human error.

The most common industries reporting breaches are:

Majority of the most common reported malware have been evolutions of old malware or exploiting old vulnerabilities. As a response to the dramatic shifts and exponential changes in Australia’s security landscape, the Australian Government reached out to private industry and government agencies for input in the new strategy. The full report is now available.

A lack of information sharing and collaboration in Australia’s private cyber security industry has been a well-known problem for a while now. Cyber criminals are consistently working together and sharing knowledge to conduct their criminal activity, it only makes sense that the good guys work together too. With the announcement of Cyber CX, Australia’s top industry leaders have joined forces under one company to ensure Australian organisations are supported by industry experts to protect themselves against cyber criminals.

Moving further into 2020, Alcorn Group’s subject matter experts expect to see:

Contact Us