Key Events
Governance Framework for Cyber Incidents
The Australian Institute of Company Directors (AICD) published a governance framework to guide Boards through cyber incidents [1].
The Australian Government’s Cyber Incident Management Arrangements (CIMA) aims to reduce the impact and severity of national cyber security incidents. The CIMA provides guidance on how Australian governments will collaborate in response to national cyber security incidents. It emphasizes the shared responsibility of Australian governments, businesses, and individuals in managing cyber risks and ensuring effective cyber security. The benefits of using the CIMA include improved situational awareness, prevention of potential national cyber security incidents escalating to crises, efficient use of jurisdictional response resources, and consistent public information.
Appointment of National Cyber Security Coordinator
The Australian Government announced the appointment of Lieutenant General Michelle McGuinness as the National Cyber Security Coordinator. She has served in the Australian Defence Force for 30 years in various roles and will commence her term on February 26, 2024. As the National Cyber Security Coordinator, she will lead national cyber security policy, coordinate responses to major cyber incidents, and strengthen Commonwealth cyber security capability in collaboration with key policy, operational, and security agencies.
Lieutenant General Michelle McGuinness was appointed as Australia’s new National Cyber Security Coordinator [1].
HWL Ebsworth Cyber Security Incident
On May 8, 2023, national law firm HWL Ebsworth reported a cyber incident involving a data breach and possible unauthorized disclosure of personal information to the dark web. Documents relating to a limited number of files from the Fair Work Ombudsman and several Victorian Government departments and agencies were included in the breach. The Department of Home Affairs is investigating the extent of the breach, including exposure of the Australian Government’s information.
The Government’s National Office of Cyber Security released a report on the HWL Ebsworth cyber security incident [1].
Notifiable Data Breaches Report
The Notifiable Data Breaches Report for July to December 2023 shows that 483 breaches were reported to the OAIC, up 19% from the first half of the year. Malicious or criminal attacks remained the leading cause of data breaches. The health and finance sectors remained the top reporters of data breaches. The report emphasizes the importance of the Notifiable Data Breaches scheme in driving better security standards and accountability for protecting personal information.
The Office of the Australian Information Commissioner (OAIC) released its notifiable data breach report for July to December 2023 [1].
Law Enforcement Progress
The Australian Federal Police provides national policing services for the public, law enforcement, government, and international partners. It offers services such as national police checks, investigative services for governments, and international law enforcement coordination. The National Anti-Scam Centre reported a notable decline in scam losses in the October to December 2023 quarter, indicating progress in combating cybercrime.
Progress was made in relation to threat actor activity. Last month, BlackCat’s leak site was taken down, the Medibank perpetrator was outed, and there have been a series of fights with LockBit [1].
Supply Chain / Third Party Breaches
The risk of outsourcing personal information handling to third parties is highlighted in the latest data breach statistics released by the Office of the Australian Information Commissioner (OAIC). The report illustrates that both state and non-state actors continue to show the intent and capability to compromise Australia’s networks. It also highlights the added complexity posed by emerging technologies such as artificial intelligence.
Consumer-Focused Items
Cyber Insurance
Cyber liability insurance protects businesses against cybercrime. This insurance covers the cost of keeping data secure as well as the expenses from the disruption to business. In the event of a ransomware attack, organizations should have a data breach response plan in place and should consider making an insurance claim.
Conclusion
Cyber security is a rapidly evolving field, and both businesses and consumers need to stay informed and prepared. This report provides a snapshot of the cyber security landscape in February 2024, highlighting the importance of robust cyber security practices for all Australians.