EY Partner, Richard Watson, offers analysis and data on recent Cyber Security issues
Richard Watson, Lead Partner APAC Cybersecurity Risk Management at EY, presents his position dot-point statements and observations about the current Cyber Security landscape.
- Regulation is the biggest driver of cyber spending. It increases an organisation’s maturity and protects consumers.
- There has been a crescendo of announcements from state and federal governments building for the enforcement of cyber security regulations in Australia.
- We welcome the federal government’s transparency on the recent uptick in cyber incidents in Australia.
- Cyber attacks are real and the threat is increasing. Companies need to spend money and be prepared to protect their customers.
- We know from our own research that destructive cyber-attacks have increased 59% in the last year.
- EY’s research shows that the best way to get companies to improve their cyber posture to protect their business and customers is to increase regulation as this is the biggest driver of cyber investment, not digital transformation, cloud or risk management.
- In EY’s 2020 Global Information Security Survey, 19% of respondents said that the number one reason they get funding for cybersecurity is to comply with regulation.
- The US has the most stringent regulations around data privacy, and they also have minimum cyber maturity standards set for critical infrastructure.
- Currently, Australia is essentially self-reporting, with the Critical Infrastructure Act 2018 acting as an umbrella legislation to pave the way for further regulatory changes.
- Some industries such as Electricity are moving fast because they’re being driven hard by their regulators, and it’s safe to say this will soon become more commonplace and enforced by regulators in all critical sectors.