Why you need to attend FINSIA's upcoming cyber workshop?
There is not enough capability in either the public or private sector to combat cybercrime, according to one of the experts leading FINSIA’s upcoming cyber workshop.
There are not enough people to go around for the demand to help combat this problem - in the both the public and the private sector, says Max Pemberton.
Organisations and governments are completely overwhelmed by the sheer size and complexity of this problem, according to the former special forces team leader.
While figures vary, it's estimated there is a need for between an extra 16,000 to 30,000 cyber specialists by 2026. The Australian Signals Directorate also says the need for more expertise, saying it wants to hire nearly 2000 in the cyber security space within the next decade to combat cyber-attacks.
Australia is behind the eight ball in regards to cyber, but the Medibank and Optus breaches have really pushed the government to bring up a lot more of the fines because of the ramifications for poor cybersecurity. A raft of different rules and regulations are being tabled, which will significantly increase organisations requirements to report cyber-attacks.
What you will learn at the select in-person event:
- As part of the six core modules, we're looking at the threat.
- What are they doing now,
- What are they likely to do next,
- What does it actually mean in a corporate context and
- How can we start to plan for the unfortunate event that it's not a matter of if, it's a matter of when that we get cyber attacked.
A 100-page penetration test report will be double Dutch to most people, explains Max in FINSIA’s latest Podcast.
But if you turn it into a cyber risk based approach, you can start to give the executive teams and the C-suite the understanding of why they should act and what they should do.
Being able to pull in everything from what is the threat doing, what are our controls doing, what are our exposures doing into a risk-based approach can help us and organisations to really start to then prioritize their cybersecurity budget resources.
Then we start to look at the national ecosystem. What can governments do to help? What can you request off of governments to really try and help support your cybersecurity resilience journey?
The people who benefit out of this are going to be those operational to strategic leaders who have a requirement and/or focus on the cybersecurity of their organisation.
It's really to try and provide them with the tools and techniques of how to think about cyber and the risk cyber represents to their business - and how to think about it in such a way that we can put in realistic solutions that are commensurate with the business objectives and also commensurate with the resources that the organisations have.