While many institutions are now taking cyber security more seriously, the rapidly evolving nature of cybercrime means that they should be focusing on dealing with an attack as well as preventing one.
“Cyber resilience is an organisational capability – and not a technological one – that enhances an entity’s ability to deliver the desired outcome at any point in time,” said Joel Camissar, regional director of McAfee MVISION Cloud for the Asia Pacific.
“As the threat of cyber security compromise is a reality for all, cyber resilience requires businesses to move from trying to avoid attacks, to a position where they are able to mitigate downtime and keep the wheels churning in the face of an attack.”
Financial institutions present an extremely lucrative target due to their large stores of customer financial data. McAfee saw an 89 per cent increase in disclosed incidents impacting the financial sector in 2019. Despite this, only a third of respondents surveyed by McAfee believed that their organisation was truly cyber resilient.
“When the cyber threat landscape is ever-evolving, there is no time for Australian organisations to be complacent,” Mr Camissar said.
“The low risk perception displayed when it comes to data breaches is indicative of a lack of awareness of the financial, reputational and operational impact a cyber incident can have both in the short term and long term.”
The increasingly digital economy is also changing the threat landscape. Cryptojacking – targeting a victim’s computer with coin miner malware to mine cryptocurrency without their awareness – is on the rise, with McAfee detecting a 29 per cent increase in incidents in Q1 2019.
“The concerning rise in cryptojacking is the new age form of cybercrime hitting the finance industry and everyone from consumers to businesses [needs] to take a proactive approach to cyber security to fight these growing attacks,” Mr Camissar said.
