Guy Eilon, the country manager of Forcepoint, was commenting on the speech made by Dan Tehan, the minister assisting the prime minister on cyber security, on Wednesday.
Tehan addressed the National Press Club on the same day that Malcolm Turnbull made a statement to the parliament about the nation's cyber defences. Back in April, Turnbull had publicly stated that Australia now has an offensive cyber capability housed in the Australian Signals Directorate.
Eilon (pictured) said Tehan had accurately described the state of affairs by pointing out that there were vulnerabilities in the nation's defences to hackers, malicious states and cyber terrorism.
"In fact, recent research from Forcepoint revealed more than 90% of ASX-listed participants have been exposed to an internally driven data breach. Despite the prevalence of these attacks, only half of the participants believe they have a security solution in place that comprehensively protects them against the insider threat."
Eilon said at a time where trust was currency, companies could not afford to roll the dice on cyber security. "They can’t afford to have customers question if their data is really safe. That’s the beauty of the Data Breach Notification legislation highlighted by Tehan whereby companies are required to immediately report instances of security breaches where customers’ personal data has been stolen or inadvertently released."
He said the legislation was important not just because it allowed customers to close accounts or update passwords which may have been compromised, but because it meant big corporates knew they needed to be transparent about their state of security. "Ultimately it’s a good thing for businesses as it ensures they have the relevant people, process and technology in place to continually secure sensitive data."
Eilon said as the cyber-security landscape evolved at pace, businesses would want to do all they could to remain ahead of the game. "It is no longer enough to protect the perimeter; threats can come from inside as well as out.
"Embedding security solutions that combine data loss prevention with behavioural analytics, delivering comprehensive security training for all employees, and being on a constant state of alert will give business the best shot at mitigating their own vulnerabilities."
He said the benefits also went beyond the mitigation of risk, as companies who took a proactive approach to cyber security would establish more trust and loyalty with their customers which was a significant competitive advantage in today’s market.