{"id":57423,"date":"2020-07-10T11:00:43","date_gmt":"2020-07-10T01:00:43","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=57423"},"modified":"2020-07-10T09:58:53","modified_gmt":"2020-07-09T23:58:53","slug":"national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/","title":{"rendered":"National cyber resilience strategy needed to protect Australia\u2019s small businesses"},"content":{"rendered":"<figure><img loading=\"lazy\" decoding=\"async\" width=\"1050\" height=\"700\" class=\"alignnone size-full wp-image-57434\" src=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg\" srcset=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg 1050w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6-205x137.jpg 205w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6-1024x683.jpg 1024w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6-768x512.jpg 768w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6-332x221.jpg 332w\" sizes=\"(max-width: 1050px) 100vw, 1050px\" \/><\/figure>\n<p>Australians have learned severe lessons with the disruption of public health management during the Covid-19 pandemic and its social and economic consequences. Now, the nation has been <a href=\"https:\/\/www.abc.net.au\/news\/2020-06-20\/why-australia-acted-on-china-hacking-cyber-attack-scott-morrison\/12376700\" target=\"_blank\" rel=\"noopener noreferrer\">alerted<\/a> to serious cyberattacks, which Prime Minister Scott Morrison said were carried out by \u2018a sophisticated state-based cyber actor\u2019.<\/p>\n<p>There\u2019s also been an increase in such attacks on individuals and businesses by criminals using the pandemic as cover.<\/p>\n<p>Given these increasing national security threats, we must take very seriously the state of cyber security in Australia. What happens if a key part of our economy is badly unprepared for malicious cyber activity? What impact might a successful attack have on the nation?<\/p>\n<p>Small businesses make up a third of Australia\u2019s economy. They are defined as having an annual turnover of less than $2 million or employing fewer than 20 people. They are inherently diverse, ranging from childcare and healthcare centres, to government and industry suppliers.<\/p>\n<p>The pandemic has illustrated the importance of childcare to working parents. Consider the national impact if all of Australia\u2019s childcare centres were suddenly unavailable. A concerted cyber campaign that closed down thousands of centres would have serious consequences for entire communities, with major implications for governments.<\/p>\n<p>Other potential targets for malicious actors could be the health practitioners who have access to the sensitive data of nearly all Australians. The impact if this data were stolen and if the practices were unable to operate could be devastating.<\/p>\n<p>And might poor cyber hygiene in a small business with authorised access to Defence Department networks provide an enticing \u2018back door\u2019 to our military secrets?<\/p>\n<p>While large enterprises in Australia have generally enhanced their cybersecurity measures in recent years, small businesses operate in a very different environment. Big firms typically have dedicated IT staff and detailed information-security policies and practices.<\/p>\n<p>In contrast, small businesses often have just enough staff to deliver a particular service, tight budgets and time-poor owners who might also manage the IT despite having a limited understanding of cybersecurity principles.<\/p>\n<p>The reality is that most small businesses are highly vulnerable to malicious cyber activity. The Australian Cyber Security Centre has been warning of this, particularly during the Covid-19 crisis. It has issued <a href=\"https:\/\/www.cyber.gov.au\/acsc\/view-all-content\/alerts\/covid-19-malicious-cyber-activity\" target=\"_blank\" rel=\"noopener noreferrer\">advisory alerts<\/a> outlining the increasing threat posed by criminals using Covid-19 themes and taking advantage of society\u2019s distraction and uncertainty during the pandemic to carry out attacks online against individuals and small businesses.<\/p>\n<p>The inaugural <a href=\"https:\/\/cybersecuritystrategy.homeaffairs.gov.au\" target=\"_blank\" rel=\"noopener noreferrer\">Australian cybersecurity strategy<\/a> was released in 2016 to help Australian businesses boost their cyber resilience. The strategy noted the importance of the sector to the nation, and its vulnerabilities.<\/p>\n<p>Attempts to turn that intent into tangible outcomes have been disappointing to date, as shown in the findings of the Cyber Security Centre\u2019s recently released <a href=\"https:\/\/www.cyber.gov.au\/sites\/default\/files\/2020-07\/ACSC%20Small%20Business%20Survey%20Report.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">small business survey<\/a>.<\/p>\n<p>The government needs to provide more sophisticated leadership in this domain\u2014to encourage small businesses to enhance their cybersecurity for their own sakes and so that they can strengthen national cyber resilience.<\/p>\n<p>The government has mechanisms it could use to stimulate this outcome. The right policies might encourage the designers of new products and services to place greater emphasis on security and privacy from the start. Technical standards are another area in which the government could insist on improved online security\u2014for example, the domain name system, encrypted certificate standards, and secure email protocols.<\/p>\n<p>The government also has a key lever at its disposal in the myriad supply chains of small business providers. Making enhanced security part of the accreditation process for those suppliers could encourage them to start to increase their own cyber resilience. That would spill over into their private online security, with all the flow-on benefits.<\/p>\n<p>The government could also directly enhance cybersecurity for the nation generally, including small businesses, by developing and testing common cybersecurity \u2018toolsets\u2019 across government departments, and then making them available publicly. The UK offers an example of such a strategy, through its <a href=\"https:\/\/www.ncsc.gov.uk\/report\/active-cyber-defence-report-2019\" target=\"_blank\" rel=\"noopener noreferrer\">\u2018active cyber defence\u2019 initiative<\/a>.<\/p>\n<p>Finally, the government could do more to help small businesses accurately assess their own levels of cyber resilience and understand practical measures they can take. An easy-to-understand cyber maturity model and certification framework that resonates with time-poor, cash-strapped business owners might encourage them to do their part in growing the sector\u2019s cyber resilience.<\/p>\n<p>Improving the cyber resilience of thousands of small businesses is not just about their wellbeing. It\u2019s an important element of strengthening the nation against serious cyber threats.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Australians have learned severe lessons with the disruption of public health management during the Covid-19 pandemic and its social and economic consequences. Now, the nation has been alerted to serious cyberattacks, which Prime Minister Scott &#8230;<\/p>\n","protected":false},"author":1169,"featured_media":57434,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[416,1513,2138,301],"class_list":["post-57423","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-australian-government","tag-business","tag-cybersecurity","tag-national-security-2"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>National cyber resilience strategy needed to protect Australia\u2019s small businesses | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"National cyber resilience strategy needed to protect Australia\u2019s small businesses | The Strategist\" \/>\n<meta property=\"og:description\" content=\"Australians have learned severe lessons with the disruption of public health management during the Covid-19 pandemic and its social and economic consequences. Now, the nation has been alerted to serious cyberattacks, which Prime Minister Scott ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-10T01:00:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-07-09T23:58:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1050\" \/>\n\t<meta property=\"og:image:height\" content=\"700\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Max Heinrich\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Max Heinrich\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI&#039;s analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg\",\"width\":1050,\"height\":700},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/\",\"name\":\"National cyber resilience strategy needed to protect Australia\u2019s small businesses | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#primaryimage\"},\"datePublished\":\"2020-07-10T01:00:43+00:00\",\"dateModified\":\"2020-07-09T23:58:53+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/583ae841428fb7b94e74dbd88844292e\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"National cyber resilience strategy needed to protect Australia\u2019s small businesses\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/583ae841428fb7b94e74dbd88844292e\",\"name\":\"Max Heinrich\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3e547bafc690aadfd119b199300aa5fc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3e547bafc690aadfd119b199300aa5fc?s=96&d=mm&r=g\",\"caption\":\"Max Heinrich\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/max-heinrich\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"National cyber resilience strategy needed to protect Australia\u2019s small businesses | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/","og_locale":"en_US","og_type":"article","og_title":"National cyber resilience strategy needed to protect Australia\u2019s small businesses | The Strategist","og_description":"Australians have learned severe lessons with the disruption of public health management during the Covid-19 pandemic and its social and economic consequences. Now, the nation has been alerted to serious cyberattacks, which Prime Minister Scott ...","og_url":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2020-07-10T01:00:43+00:00","article_modified_time":"2020-07-09T23:58:53+00:00","og_image":[{"width":1050,"height":700,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg","type":"image\/jpeg"}],"author":"Max Heinrich","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Max Heinrich","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI&#039;s analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/photo-1545405197-2964efafb2c6.jpg","width":1050,"height":700},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/","url":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/","name":"National cyber resilience strategy needed to protect Australia\u2019s small businesses | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#primaryimage"},"datePublished":"2020-07-10T01:00:43+00:00","dateModified":"2020-07-09T23:58:53+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/583ae841428fb7b94e74dbd88844292e"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/national-cyber-resilience-strategy-needed-to-protect-australias-small-businesses\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"National cyber resilience strategy needed to protect Australia\u2019s small businesses"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/583ae841428fb7b94e74dbd88844292e","name":"Max Heinrich","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3e547bafc690aadfd119b199300aa5fc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3e547bafc690aadfd119b199300aa5fc?s=96&d=mm&r=g","caption":"Max Heinrich"},"url":"https:\/\/www.aspistrategist.ru\/author\/max-heinrich\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/57423"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/1169"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=57423"}],"version-history":[{"count":4,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/57423\/revisions"}],"predecessor-version":[{"id":57435,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/57423\/revisions\/57435"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/57434"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=57423"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=57423"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=57423"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}