Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Cyber security not being taken seriously enough
Posted on 5-Dec-2017 20:13 | Tags Filed under: News

Business leaders are not taking cyber security seriously enough, said cyber security expert Dr Ryan Ko, and that poses a significant risk to their companies' reputations.


“Communications is a much neglected aspect of responding to cyber security incidents,” said Dr Ko, speaking at business learning lunch event in Hamilton. “The spread of information is so fast, and reputations are very hard to get back when lost.”


Dr Ko, director of the NZ Institute for Security and Crime Science, was speaking at CRUNCH – Crucial Conversations Over Lunch, organised by Hamilton public relations firm HMC Communications. During the workshop Dr Ko described the current state of cybercrime in New Zealand and, together with the HMC team, led business leaders in a cyberattack scenario.


This week marks Cyber Smart Week in New Zealand, where people are encouraged to review and strengthen their cyber security systems at home and work.


Dr Ko said that the size of cybercrime internationally was larger than drug trafficking, according to a Norton Cybercrime Report. “It was reported that, globally, cybercrime cost $388 billion which was larger than the cost of drug trafficking at $288 billion,” said Dr Ko. “Every half-second a unique malware or virus is created somewhere in the world. Cybersecurity is a serious concern for companies, and New Zealand business leaders need to do more to protect their company and their customers.”


Dr Ko said that there was a global trend with businesses and boards of directors being held liable for cybersecurity incidents. “The public perception is that businesses and boards should take responsibility for personal information, and that means cyber-attacks have legal implications for directors,” said Dr Ko. “It’s not a matter of ‘if’ it will happen, but when, and directors may be facing liability.”


Dr Ko cited the example of Target, a well-known US discount retailer, who was affected by a cybersecurity attack in 2013. Hackers stole credit and debit card information from up to 40 million customers which revealed the company’s weak cybersecurity measures and ended up costing the retailer millions of dollars.


Another case was the Wyndham Worldwide Corporation, a US hotel chain that was sued in 2012 for breaching customer’s confidential information when credit card details were hacked and posted to a Russian website.


Dr Ko said that New Zealand companies are at risk of cyber-attack, and more than half – 56 per cent – of New Zealand companies claimed to have a cyber-attack at least once a year (in 2014).


The five top threats to New Zealand companies, identified by Dr Ko and his research team, included ransomware, distribute denial of service (DDoS), social engineering, hijacking unpatched platforms and obsolete communications, cyber forces and weaponry.


“Many think it will not affect them, especially small to medium businesses, but they are not immune,” said Dr Ko.


As with any crisis, cybercrime affects a company’s reputation, said HMC Communications director Heather Claycomb. “We know that a company’s reputation is one of their organisation’s primary assets,” said Claycomb. “Reputation is harder to manage than any other risk, and those risks are increasing.”


She said that it was important for businesses to include communications planning when preparing for potential cybercrime situations.  “Cybercrime is a major risk to New Zealand organisations.  And just like any other major business crisis, you can take back some control in a seemingly uncontrollable situation when you do two things: plan and practise.  It’s not enough to have a solid cyber security strategy – you also need a robust crisis communications plan as part of your risk mitigation.”


Participants left with a better understanding of cybersecurity risks and how they might affect their business. They also received useful information and referrals to resources to help get them better prepared and more successfully communicate during a cyberattack crisis.


“I think we are quite naïve in New Zealand around risk,” said Campbell Parker, general manager of Waikato Milking Systems. “You see it in fraud cases, and it’s true when it comes to cybersecurity also.”


He said that large organisations often had robust systems, policies and procedures in place but smaller firms were vulnerable, especially those reliant on external providers. “When you think that 97 per cent of New Zealand companies are SMEs (small-to-medium enterprises) with less than 20 employees, then there is a risk to them.”


Tag IT managing director Josh White said he learnt a lot from the presentation and it highlighted areas to focus on. “We’ll be reviewing systems and strategies,” said White.


Myles Imperial, managing director of Workhub Services said cybersecurity is a topic that all business people should brush up on. “We are in a computer age and you have to have a plan if something happens online. This is a session that should be done by all business leaders,” said Imperial.


Habitat for Humanity general manager for the central North Island, Nic Greene, said protecting data and privacy was integral to his organisation. “We trade on our reputation as a charity.”


He also valued the opportunity to discuss the topic with other business leaders, and consider the management and communications response to cybercrime. “Also, Ryan Ko is a bit of a legend,” said Greene.


ARE YOU PREPARED FOR A CYBER ATTACK? Things for business leaders to consider


  • What is your board of directors doing to address the risk of a cyber-attack to your business or organisation?
  • Have cyber security policies been reviewed (and do they even exist)?
  • Are there policies around external contractors?
  • Does the business or organisation have cyber insurance?
  • Is there a chief information security officer in the company?
  • What would you do in the event of a cyber-attack, operationally and with your communications (internally and externally, including stakeholders and media)?

comments powered by Disqus

Trending now »

Hot discussions in our forums right now:

Hopeful signs from Netflix
Created by Rikkitic, last reply by tdgeek on 24-Jan-2018 12:51 (33 replies)
Pages... 2 3

No Dial Tone From Wiring Bridged Telecom Module (HBG-1008)
Created by Yoban, last reply by SATTV on 21-Jan-2018 16:49 (16 replies)
Pages... 2

Accommodation websites: what are your recommendations?
Created by frednz, last reply by floydbloke on 24-Jan-2018 12:51 (15 replies)

Boat electrics help with 2x12v batteries
Created by Hatch, last reply by Hatch on 24-Jan-2018 13:06 (27 replies)
Pages... 2

Vodafone prepay auto-renew
Created by bagheera, last reply by bagheera on 23-Jan-2018 13:15 (13 replies)

What is the New Cable Going to Mean for NZ?
Created by Pumpedd, last reply by PhantomNVD on 21-Jan-2018 01:35 (36 replies)
Pages... 2 3

Vodafone recycling numbers
Created by MichaelNZ, last reply by 1101 on 24-Jan-2018 11:38 (21 replies)
Pages... 2

Sulphur in petrol
Created by Rikkitic, last reply by kryptonjohn on 23-Jan-2018 14:27 (9 replies)