By Nikki Saunders, cybersecurity EcoSystem Program Manager, Pacific, Schneider Electric
Cybercrime is the biggest threat facing corporate Australia today, costing the economy more than an estimated $3trillion.
With the sophistication, agility, and frequency of attacks increasing (one every 8 minutes in Australia), it's encouraging to see the federal government implementing new legislation in response. However, while the intention is to better protect Australia's critical infrastructure, this new cybersecurity framework could do the opposite.
Originally designed in 2018 the reformed 'Critical Infrastructure Protection Act 2022' came into effect in July this year. With an improved framework for handling cyber threats, it includes an array of measures to which Australian businesses and services must adhere.
In theory, the new act is imperative for safeguarding a modern Australia. Its existence provides a benchmark for IT and OT professionals across a greater variety of industries, and ensures security is a collective responsibility.
The importance of addressing this responsibility cannot be overstated in an environment of increased cyber threats to essential services and businesses over the past few years – including federal parliamentary networks, the medical sector, universities, and key software businesses.
Take the most recent attack on Optus' network as an example, which has seen millions of customers potentially affected, with full names, date of births and