‘Alone we will fail,’ was the message from Alastair MacGibbon, Head of the Australian Cyber Security Centre and keynote speaker at MailGuard’s 2018 Cybersecurity Awareness Luncheon.
On Tuesday 6 March, MailGuard collaborated with PWC and Microsoft to bring together CEOs and cybersecurity experts in a forum focussed on the rise of cybercrime and the challenges it presents for business.
The expert speakers included:
- Steve Ingram, Cyber Lead PWC Asia Pacific
- Anita Sood, ISV and Next Generation Partnerships Lead Microsoft Australia
- Craig McDonald, CEO & Founder of MailGuard and cybersecurity author, and
- Alastair MacGibbon, Head of the Australian Cyber Security Centre
Cybersecurity: a pressing issue
PWC’s 21st CEO Survey recently revealed some telling trends in the thinking of the world’s business leaders, including their growing concern about cybersecurity:
“Extreme concern’ levels climb across almost all the main threats we measure” states the report. “Terrorism and cyber threats moved up; uncertain economic growth and exchange rate volatility moved down… North America – the bastion of bullishness – reports high levels of ‘extreme concern’ regarding its chief threats; cyber-threats (53%), then over-regulation (50%), geopolitical uncertainty (44%), terrorism (43%), and speed of technological change (34%)...” - PWC 21st CEO Survey.
(Image: Graph from PWC’s 21st CEO Survey showing the steep growth in concern amongst CEOs internationally about cyber-threats.)
Cyber-threats continue to be an enormous challenge for Australian companies and are now Australia’s number-one economic crime. CEOs are often directly targeted by social engineering attacks designed to exploit their authority within organisations.
With the recent introduction of the Notifiable Data Breach (NDB) Scheme, the imperative is greater than ever for business leaders to tackle the challenges of cybersecurity.
The CxO Cybersecurity Awareness Luncheon last week was an opportunity for executives to get expert advice from prominent influencers in government and business, and broaden their understanding of data-breach prevention.
Cybercrime is 'a business issue'
Steve Ingram opened the discussion with an insightful talk on the steep rise in concern about cybercrime evidenced in PWC’s 2017 CEO survey, and he emphasised the importance of information sharing in combating cyber-threats:
“Cybersecurity isn’t a problem that we can solve on our own. No one organisation, no one government can do it; we need everyone working together,” Steve said.
“You see so much variation in the way we work today compared to a few years ago. People are often saying that CEOs and boards don’t get it but I don’t agree with that anymore. They’re not technical and they don’t understand the intricacies of the technology but they certainly understand that this is a business issue and it’s one that they need to move on pretty quickly.”
(Steve Ingram, PWC Asia Pacific, speaking at the Cybersecurity Awareness Luncheon.)
Talking about the findings of the PWC CEO survey, Steve Ingram commented:
“It’s surprising that from a macroeconomic level we are having record levels of positiveness from CEOs; bullish about macroeconomic growth. What’s interesting though, when you get down to what are the day to day risks, they’re probably also more worried than ever. In the past, it was about changes in customer buying behaviour, but those issues aren’t really on the radar at the moment. Running through the top ten of what they are most concerned about, number four is cyber.”
Cybercrime statistics concerning
The theme of cybercrime’s impact on business confidence was continued by the second speaker to take the lectern. Craig McDonald, CEO of MailGuard and cybersecurity author shed light on the alarming statistics that are generating so much anxiety in business leaders.
“90% of threats are coming through email. What attention are we actually paying to that? We’re discussing it at board level; the IT department are getting briefed. Are we flying down enough education to the staff level, and are they taking that knowledge home?” Craig queried.
“We’ve got to pay attention across the board. Email phishing, spam, unwanted email is dominant in our inboxes. If you’re fortunate enough to have services preventing a lot of that from hitting your inbox, it’s still impacting on the consumer side and fast-break emails are getting through… 60% of small to medium businesses that suffer a cyber-attack are out of business within 6 months. The economy here in Australia is made up of small businesses, so what impact is that going to have on the rest of us if their doors shut? What effect on the economy is that going to have?”
(MailGuard CEO, Craig McDonald.)
In his presentation, Craig McDonald underlined the importance of greater business cooperation in the battle against cybercrime:
“This collaborative approach of having conversations with peers, attending events, applying knowledge to our customer base, our downstream, our collaborators is essential; we’ve all got to participate in stopping these threats from occurring.”
Microsoft’s Anita Sood talks partnership
Craig McDonald welcomed Anita Sood - Microsoft Australia’s ISV and Next Generation Partnerships Lead - to the stage by applauding her innovative work growing Microsoft’s extended partner community.
Anita began her talk by reminding the gathered CEOs about the massive investment of research and energy Microsoft is pouring into cybersecurity:
“Our business would fail if we didn’t treat security as something we believe in. Every month we send a billion updates through our Windows network and we’re inspecting over 400 billion emails. We want to be sure that we’re sharing that data - all that information on what we see - with our customers and partners.
I’d love to say Microsoft could do it alone, and have a fully secured end-to-end capability to handle all the cybersecurity threats that are coming, but it takes a family, an ecosystem to do this and it needs to be a multi-layered approach to give us the depth of protection we need; governments, the commercial sector, technology companies coming together. What we focus on at Microsoft is harnessing the leaders, like MailGuard, like PWC, like the Australian Government; because without those, we cannot singly fight this. MailGuard is one of twenty partners globally who are working with us to help secure all our customers, so I think we’ll see some great things coming out of this partnership.”
(Anita Sood, ISV & Next Generation Partners Lead, Microsoft Australia; speaking at the Cybersecurity Awareness Luncheon.)
From 'threat' to 'opportunity'
Alastair MacGibbon, head of the Australian Cyber Security Centre - was the final speaker and keynote at the CxO event. Alastair talked about the evolving cybersecurity landscape with particular reference to Australia’s new Notifiable Data Breach Scheme.
“The mandatory data-breach disclosure legislation - the NDB Scheme - has come into effect in this country, and it’s a good thing. The NDB is a level playing field for any business to report a breach of personal, identifiable information, if it could have a material impact on those people the data was released on. It helps with transparency and discussion but it should not create fear, uncertainty and doubt. What it should do is let us all feel we can talk about an issue.”
(Keynote speaker Alastair MacGibbon; Head of the Australian Cyber Security Centre.)
Alastair went on to talk about the role he sees government bodies playing as cybersecurity facilitators:
“The discussion has changed from ‘threat’ to ‘opportunity’; from a binary approach to security to a risk management discussion.
You’ll see us, as government representatives, talking about things that go wrong in our systems, whether it’s criminal or nation-state groups. IT systems should be advancing us socially and economically, but if we don’t get it right they will be a significant existential threat for us.
It’s easy for government to talk about cybersecurity collaboration. It’s much harder to do. But we’re committed to doing it, because - as all the speakers before me have said - we can’t do this individually.
As a Commonwealth, we’re quite strong. We should be glad about the capacity we have as a country - but alone we will fail. Microsoft alone will fail. PWC on its own… MailGuard on its own… But together, with the sharing of information, with the sharing of solutions, we build the technologies that will lead to social and economic benefit - not just for us as a nation but as a world.”
About the speakers
(CxO Cybersecurity Luncheon Speakers, L to R: Alastair MacGibbon, Anita Sood, Steve Ingram, Craig McDonald.)
Alastair MacGibbon is an authority on cybercrime, including Internet fraud, consumer victimisation and a range of Internet security and safety issues. Alastair is Head of the Australian Cyber Security Centre, and Special Advisor to the Prime Minister for Cyber Security. He is an Adjunct Associate Professor in the faculty of Business, Government and Law at the University of Canberra, a Director at the Centre for Internet Safety, and General Manager, Security at Dimension Data.
Until June 2014, Alastair was the founding CEO of CREST Australia, a not-for-profit organisation that certifies "white hat" ethical hackers; and managing partner of Surete Group, a consultancy dealing with improved customer retention for Internet-facing companies by increasing trust and reducing negative user experiences.
Alastair was a Federal Agent with the Australian Federal Police for 15 years, his final assignment as the founding Director of the Australian High Tech Crime Centre.
Steve Ingram - Cyber Lead, PWC Asia Pacific - has been a partner with PWC since 2004, specialising in technology and cyber services.
Steve was formerly a General Manager with the Commonwealth Bank of Australia (CBA), where he was responsible for fraud and security related intelligence and risk management.
During his earlier career in government, Steve’s roles included Manager Special Projects with the NSW Independent Commission Against Corruption (ICAC) and Detective with the Australian Federal Police.
Craig McDonald is the CEO & Founder of MailGuard and a cybersecurity influencer.
MailGuard has rapidly become one of the world’s foremost SaaS email security providers.
In 2017 Craig authored his first book, ’Surviving the Rise of Cybercrime,’ a non-technical guide for executives grappling with cybersecurity challenges.
Craig recently announced his latest cybersecurity venture, GlobalGuard, a global ecosystem of cybercrime fighters using the power of AI and Blockchain technology to defend businesses from criminal intent.
Anita Sood is ISV & Next Generation Partners Lead with Microsoft Australia. Anita has many years of international experience in driving customer/partner transformation, leading high performing teams & shaping markets. She is focussed on helping Microsoft customers navigate disruptive changes by leveraging leading technologies from across the Microsoft network to deliver innovative solutions.
Anita has worked with Microsoft since 2006 and also spent 4 years working for Cisco Systems. She has received the Microsoft Circle of Excellence Award & The Transformation Award for ‘Distinguished Recognition of Leadership’ from Cisco Systems.
If you would like to learn more about the complex cybersecurity challenges facing business today, please download the e-book Surviving the Rise of Cybercrime by MailGuard CEO Craig McDonald. This plain English handbook explains the most common threats and provides essential guidance on managing risk.
“Cybercrime is a serious and growing business risk. Building an effective cybersecurity culture within an organisation requires directors and executives to lead by example. Surviving the Rise of Cybercrime is a must-read for directors and executives across business and in government and provides strong foundations for leaders determined to address cyber risk.”
- Rob Sloan, Cybersecurity Research Director, Wall Street Journal.
Download your copy of Surviving the Rise of Cybercrime for free, here.