Australian minister for defence Stephen Smith has spoken out about the need for strong cyber threat vulnerability management amongst the government and organisations, as well as individual citizens, in order to mitigate the growing threat of digital crime.
Speaking at the Defence Signal Directorate’s 2012 Cyber Security Conference on October 24, the minister noted just how significant the internet is to the day to day lives of all Australians.
"Almost everything is now connected, online and accessible and the internet continues to develop at an historically unprecedented rate," said Mr Smith.
According to Mr Smith, the internet contributes around $50 billion to the Australian economy every year, equalling 3.6 per cent of thenation's Gross Domestic Product.
However a wide range of threats are now bringing new challenges to the forefront of the digital landscape, threats that will require careful planning in the future in order to ensure ongoing national security.
As of the end of September, the Cyber Security Operations Centre (CSOC) has reportedly identified more than 1,250 cyber security incidents in Australia, outstripping the entire year-end total recorded in 2011.
Mr Smith noted that more than 65 per cent of cyber security incidents identified by the CSOC are economically motivated, and emphasised that digital crime is an issue which not only affects national security interests, but also economic interests and national wellbeing.
"Security company Symantec has put the cost to Australia from cybercrime at $4.5 billion, more than the cost of burglary and assault combined," said Mr Smith.
In order to fight this ever increasing cost, Mr Smith outlined the various strategies organisations need to take in order to ensure they are adequately protecting confidential information.
In 2010, the Defence Signal Directorate published a list of 35 mitigation strategies which could effectively reduce the risk of a security breach.
According to Mr Smith, CSOC research has indicated that more than 85 per cent of cyber intrusions that the Defence Signal Directorate responds to could be prevented if organisations were to simply implement the top four strategies identified on that list.
These strategies essentially involve only using legitimate, authorised software and regularly patching third party applications and operating systems, as well as restricting administrative privileges in order to limit the amount of access employees have to certain information.
Businesses looking to do their part to fight cybercrime and limit their risk of being involved in a security incident would be wise to follow these steps, while also utilising external penetration testing and security audit evaluations.
A two pronged approach such as this is the best way to ensure cybercriminals have no easy access points to exploit, and can drastically mitigate the risk of becoming a victim of digital crime.