Business Daily Media

The Times Real Estate

.

AISA CyberCon in Melbourne


Last week, Yonni Shelmerdine, Global VP of Product at SentinelOne, led a session at AISA CyberCon in Melbourne, on 12 October. We caught up with Yonni to get his take on cybersecurity in Australia.

In your opinion, what is the state of cybersecurity in Australia, and how does it compare to other parts of the world?

At a very high level, Australia is a very sophisticated, first-world, technologically advanced, and economically strong country. The country, with a population of about 25 million people, spends more on cybersecurity than India, which has over a billion people in it. In terms of investment, knowledge, and understanding, they are actually doing quite well.

However, Australia doesn’t have a large population, so there is a massive skills shortage here. Additionally, and this is an estimate, it seems that about 80% of cybersecurity spending is done by 10% of the country’s enterprises – banks, insurance companies, mining companies, and some large government organisations, such as defence.

When you step past that first tier of companies, there is a significant drop in cybersecurity maturity, which is probably similar to many other countries in the world outside of the United States and the European Union.

However, the last two weeks have most likely made a permanent impact on Australia’s cybersecurity posture. First, we had the Optus breach, where nearly half the country’s population had their data breached, and 3 million people had their highly sensitive personal data exposed. Then, Medibank, a health insurance company, was breached, exposing millions of people's health data and personal data. After that, one of Australia’s largest energy companies was also breached, and several others as well.

This isn’t the first time we’ve seen headline breaches in Australia, but it is the first time that the impact is so broad and frequent.

In response to those breaches, the Australian Government has just announced that they'll increase the penalties for Data Breaches. What are your thoughts about this? How does this regulation compare to the US and EU regulations?

Before this latest series of cyberattacks, organisations could not be fined more than $2M under the existing legislation. Many companies did not recognise any incentive to invest above baseline controls, due to the penalty of a breach being almost irrelevant. However, with the new proposed legislation, companies can find themselves facing significantly higher fines that could impact their bottom line.

As a result, those lower-tiered organisations will have to start viewing cybersecurity as an investment rather than an expense, which should help upgrade cybersecurity across Australia.

In terms of comparing Australia to the US and EU, we usually view Australia as being about two years behind the EU and three years behind the US in terms of wide-scale adoption of new technologies and programs - having said that, Australia’s homegrown cyber ecosystem of software vendors and system integrators has exploded in the last 5 years. With this new legislation, we aren’t going to see those hundreds of millions of dollars in penalties that are assessed in the US, but relative to market size, the financial impact that will be caused by these penalties is comparable. The current proposed legislation is $50M or 3% of company turnover during the period, a significant increase.

In the EU, they protect privacy with GDPR, and that’s enforced through high penalties. Australia doesn’t have that stringent of protection for individuals yet, but there is a lot of talk within the Australian government of adhering to a similar standard.

What are your thoughts on Australia recently appointing a ministry for cybersecurity?

Cybersecurity used to be hidden within a ministerial portfolio in the federal government, but now that it is standing on its own, it actually will make a difference. In the past, if you asked someone on the streets of Melbourne or Sydney about cybersecurity, they may have told you something about an antivirus software they installed, but they never gave it much thought unless their data had been stolen.

Giving cybersecurity its own portfolio and assigning a minister to it means it becomes a political position for parties. When Australian citizens go to vote, they are going to have to consider their party’s position on cybersecurity. This will help drive cybersecurity education across Australia, which is a positive for business and society as it will raise Australia’s overall cyber posture.

Hon Clare O'Neil MP holds the Cabinet position for Home Affairs and Department for Cyber Security. This has proven a defining move by the Albanese government in light of recent events.

Your session at ASIA's CyberCon was about debunking cybersecurity myths. What is one myth that you think will resonate with Australia, and how is the country doing in debunking it?

Many elements in the cybersecurity industry will have you thinking that auxiliary products like SIEM and SOAR are the only logical next step in light of the growing quantities of data and the growing number of cybersecurity products.

In practice, that assumption alienates most organizations - either because they don't have a budget to store all the data, the headcount to manage and continuously monitor the products, or the expertise to use them effectively.

One of the things we see in Australia is a more intentional approach to investment in cybersecurity. That ranges from prioritizing high-ROI products, a balance of products and services, and – most importantly – a goal-oriented approach that helps them determine the outcomes that are most critical to them. We're thrilled to be a part of that process with some of Australia's largest enterprises.

Cutting edge AI technology designed for doctors to reduce patient wait times launched in NZ

New Zealand specialist doctors now have access to Artificial Intelligence technology to help reduce patient wait times and experts say it could be...

Launchd Takes Off: Former AFL Stars Lead Tech-Powered Platform Set to Disrupt Talent and Influencer Marketing

Backed by Institutional Capital, Launchd Combines Five Leading Agencies and Smart Technology to Deliver Measurable Results Influencer marketing i...

Meet the Australian fintech unlocking rewards for small businesses

Small businesses make up 98 per cent of all businesses in Australia, yet they continue to bear the brunt of economic uncertainty. According to Credi...

Teleperformance (TP) Business Insights Report Reveals Key Shifts in Consumer Behaviour

TP’s Business Insights report  into consumer behaviors and preferences, taking in more than 57,000 respondents across 19 sectors, is shedding new li...

HubSpot launches platform-wide AI tools to help businesses close the adoption gap

HubSpot today unveiled more than 200 updates across its customer platform to help businesses grow better. The release introduces smarter tools, new AI...

Why Every Leader Needs a Personal Branding Strategy in 2025

One of the best investments you can make in 2025? Your Personal Brand.In today’s competitive and digitally driven business world, authenticity and...

Sell by LayBy