A panel discussion at the recent Emerging Cyber Threats Summit, held in Sydney, looked at cybersecurity and the future of the digital economy. With more and more commerce and collaboration taking place digitally, there are great rewards but new risks that need to be considered.
Moderated by Kate Healy, the Principal Cybersecurity Consultant at Aleron Security, the panel brought together Nigel Phair (Managing Director at the Centre for Internet Safety), Cyber Policy Advisor Jacob Boyle from the department of Prime Minister and Cabinet, Ashurst partner Sophie Dawson, IT Security Specialist Martin Brown from AUSTRAC, and Nick Ellsmore from Hivint.
The discussion commenced with the question “What is digital transformation? Why do we need to consider cybersec a part of strategy?” Phair said it was a challenge to develop a corporate strategy that takes security into account. Rather than considering security in isolation, it needs to be part of the broader corporate strategy “Security needs to be in the room,” he said.
Boyle added that it was important that the business understands their responsibility. Wherever you are in the business you are accountable for securing the information you hold and handling the risks, he said.
Part of the problem, said Ellsmore, is a lack of maturity when it comes to matters of cybersecurity. He contended that the focus on availability as a key metric can get in the way of innovation. He said you need an “error budget” so you can innovate – perfect is the enemy of done. There is a need to accept some level of loss but understanding what an acceptable level of loss is remains contentious.
While operational matters are important, Dawson noted it was important to also consider the legal and regulatory environment and the need for both proactive and reactive planning. Healy then asked, “How do you balance risk with how to innovate?”.