Susie Jones, founder of cyber security startup Cynch Security, questioned how the government’s cash splash would prevent small businesses from clicking on a malicious link.
“This is all about very technical solutions and the government needs to invest in a broad campaign to help people understand how they put their own business and person at risk by not taking security seriously.”
Meanwhile, Pieter Danhieux, co-founder and CEO of cyber security startup Secure Code Warrior, said there was an opportunity for private companies and government to work together on the cyber threat-sharing platform and startups needed to be included in Australia’s cyber security response.
“I am hoping that money won’t all go to the foreign multinationals and will flow to the Australian startup community and Australian companies.” “It is an opportunity for startups to start building technology.”
He added that Australia’s response needed to include upskilling and training people in cyber security. Growth network AustCyber has indicated Australia needs an extra 17,600 cyber security professionals by 2026.
Professor Matt Warren, director of the RMIT University Centre for Cyber Security Research and Innovation said the announced funding doesn’t do enough to address skill shortages.
“The problem is that government is in competition with Australian industry to recruit these professionals. Australia needs to develop its cyber security workforce from a sovereignty perspective in order to safeguard and protect Australia into the future,” he said.
“In order to promote cyber security as a profession, the Commonwealth should either make scholarships available for students to study cyber security, or reduce the cost of cyber security courses.”
“The reality is cyber criminals take advantage of a crisis,” Ms Jones said.
Research published on Tuesday by IBM and the Ponemon Institute shows businesses are struggling to implement effective cyber security plans amid fast-moving attacks and a proliferation of complex security tools.
The annual Cyber Resilient Organisation Report indicates there has been a 44 per cent growth since 2015 in the number of organisations with incident response plans, but that over those same five years organisations’ ability to contain an attack has declined by 13 per cent.
“Complexity is slowing them down,” IBM Security’s Australian CTO Chris Hockings said. “With the continued adoption of cloud environments, and just the proliferation of security products. They have up to 45 different security tools, on average.”
On the contrary, adversaries were only getting more agile.
“Attackers are not constrained by existing IT solutions that they need to remain available for business continuity,” Mr Hockings said. “They’re uninhibited in terms of their ability to consume new innovation more quickly.”
Cara is the small business editor for The Age and The Sydney Morning Herald based in Melbourne
Tim is the editor of The Age and Sydney Morning Herald technology sections.