CIOs and CISOs : It ’ s time to get on board ( s )
Lani Refiti , ANZ Regional Director at Claroty , tells us boards must include the expertise of CIOs and CISOs to advise on critical cybersecurity issues . He says : “ CIOs and CISOs need to be elevated to board level . At present they are conspicuous by their absence .”
Earlier this year , the ransomware attack on Colonial Pipeline which cost the company $ US4.4 million presented a serious warning to the industrial sector around the world . But it was only the tip of a global iceberg .
In July , ABC reported : “ It ’ s an open secret within the tight-lipped world of cybersecurity . For years , Australian organizations have been quietly paying millions in ransoms to hackers who have stolen or encrypted their data .”
The Australian Labor Party is currently trying to reveal the collective amount local organizations have paid . Shadow Assistant Minister for Cybersecurity and for Communication , Tim Watts , has tabled a bill that would make it mandatory for Commonwealth , state or territory entities , corporations and partnerships , to report ransomware payments .
Meanwhile , Australia ’ s Department of Home Affairs has taken another initiative to combat ransomware . In July , it established Operation Orcus , a taskforce spanning several agencies including the Australian Cybersecurity Center ( ACSC ), the Australian Federal Police ( AFP ), the Australian Criminal Intelligence Commission ( ACIC ), Austrac and state and territory police forces , but has given no details of how it will operate .
And in March the Department of Home Affairs ’ Cybersecurity Advisory Committee issued a report : Locked Out : Tackling Australia ’ s Ransomware Threat , which flagged