Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Cyber security not being taken seriously enough
Posted on 5-Dec-2017 20:13 | Tags Filed under: News

Business leaders are not taking cyber security seriously enough, said cyber security expert Dr Ryan Ko, and that poses a significant risk to their companies' reputations.


“Communications is a much neglected aspect of responding to cyber security incidents,” said Dr Ko, speaking at business learning lunch event in Hamilton. “The spread of information is so fast, and reputations are very hard to get back when lost.”


Dr Ko, director of the NZ Institute for Security and Crime Science, was speaking at CRUNCH – Crucial Conversations Over Lunch, organised by Hamilton public relations firm HMC Communications. During the workshop Dr Ko described the current state of cybercrime in New Zealand and, together with the HMC team, led business leaders in a cyberattack scenario.


This week marks Cyber Smart Week in New Zealand, where people are encouraged to review and strengthen their cyber security systems at home and work.


Dr Ko said that the size of cybercrime internationally was larger than drug trafficking, according to a Norton Cybercrime Report. “It was reported that, globally, cybercrime cost $388 billion which was larger than the cost of drug trafficking at $288 billion,” said Dr Ko. “Every half-second a unique malware or virus is created somewhere in the world. Cybersecurity is a serious concern for companies, and New Zealand business leaders need to do more to protect their company and their customers.”


Dr Ko said that there was a global trend with businesses and boards of directors being held liable for cybersecurity incidents. “The public perception is that businesses and boards should take responsibility for personal information, and that means cyber-attacks have legal implications for directors,” said Dr Ko. “It’s not a matter of ‘if’ it will happen, but when, and directors may be facing liability.”


Dr Ko cited the example of Target, a well-known US discount retailer, who was affected by a cybersecurity attack in 2013. Hackers stole credit and debit card information from up to 40 million customers which revealed the company’s weak cybersecurity measures and ended up costing the retailer millions of dollars.


Another case was the Wyndham Worldwide Corporation, a US hotel chain that was sued in 2012 for breaching customer’s confidential information when credit card details were hacked and posted to a Russian website.


Dr Ko said that New Zealand companies are at risk of cyber-attack, and more than half – 56 per cent – of New Zealand companies claimed to have a cyber-attack at least once a year (in 2014).


The five top threats to New Zealand companies, identified by Dr Ko and his research team, included ransomware, distribute denial of service (DDoS), social engineering, hijacking unpatched platforms and obsolete communications, cyber forces and weaponry.


“Many think it will not affect them, especially small to medium businesses, but they are not immune,” said Dr Ko.


As with any crisis, cybercrime affects a company’s reputation, said HMC Communications director Heather Claycomb. “We know that a company’s reputation is one of their organisation’s primary assets,” said Claycomb. “Reputation is harder to manage than any other risk, and those risks are increasing.”


She said that it was important for businesses to include communications planning when preparing for potential cybercrime situations.  “Cybercrime is a major risk to New Zealand organisations.  And just like any other major business crisis, you can take back some control in a seemingly uncontrollable situation when you do two things: plan and practise.  It’s not enough to have a solid cyber security strategy – you also need a robust crisis communications plan as part of your risk mitigation.”


Participants left with a better understanding of cybersecurity risks and how they might affect their business. They also received useful information and referrals to resources to help get them better prepared and more successfully communicate during a cyberattack crisis.


“I think we are quite naïve in New Zealand around risk,” said Campbell Parker, general manager of Waikato Milking Systems. “You see it in fraud cases, and it’s true when it comes to cybersecurity also.”


He said that large organisations often had robust systems, policies and procedures in place but smaller firms were vulnerable, especially those reliant on external providers. “When you think that 97 per cent of New Zealand companies are SMEs (small-to-medium enterprises) with less than 20 employees, then there is a risk to them.”


Tag IT managing director Josh White said he learnt a lot from the presentation and it highlighted areas to focus on. “We’ll be reviewing systems and strategies,” said White.


Myles Imperial, managing director of Workhub Services said cybersecurity is a topic that all business people should brush up on. “We are in a computer age and you have to have a plan if something happens online. This is a session that should be done by all business leaders,” said Imperial.


Habitat for Humanity general manager for the central North Island, Nic Greene, said protecting data and privacy was integral to his organisation. “We trade on our reputation as a charity.”


He also valued the opportunity to discuss the topic with other business leaders, and consider the management and communications response to cybercrime. “Also, Ryan Ko is a bit of a legend,” said Greene.


ARE YOU PREPARED FOR A CYBER ATTACK? Things for business leaders to consider


  • What is your board of directors doing to address the risk of a cyber-attack to your business or organisation?
  • Have cyber security policies been reviewed (and do they even exist)?
  • Are there policies around external contractors?
  • Does the business or organisation have cyber insurance?
  • Is there a chief information security officer in the company?
  • What would you do in the event of a cyber-attack, operationally and with your communications (internally and externally, including stakeholders and media)?

comments powered by Disqus

Trending now »

Hot discussions in our forums right now:

Another early grave filthy food pusher sees NZ as a soft target
Created by Rikkitic, last reply by Aredwood on 21-Apr-2018 19:25 (116 replies)
Pages... 6 7 8

Lifetime Warranty Bbq thoughts
Created by JeremyNzl, last reply by mattwnz on 18-Apr-2018 19:59 (26 replies)
Pages... 2

Rugby 2019 coverage by Spark and TVNZ
Created by freitasm, last reply by Dingbatt on 21-Apr-2018 20:38 (140 replies)
Pages... 8 9 10

Scrapping RUC and paying Diesel tax at the pump?
Created by DickDastardly, last reply by NzBeagle on 19-Apr-2018 09:44 (55 replies)
Pages... 2 3 4

Your typing speed (WPM)
Created by SniperGhostWolfDude, last reply by JayADee on 20-Apr-2018 19:15 (48 replies)
Pages... 2 3 4

Internet usage seems...excessive?
Created by Handsomedan, last reply by coffeebaron on 19-Apr-2018 22:28 (13 replies)

CGA Question
Created by Geektastic, last reply by Oblivian on 19-Apr-2018 11:38 (26 replies)
Pages... 2

Rimu flooring with asbestos lino on top - Remove + Sand&Polish or Cover up?
Created by kiwijunglist, last reply by Bung on 22-Apr-2018 08:52 (37 replies)
Pages... 2 3