Australian CEOs Identify Cybersecurity as Top Priority: KPMG Report

In the wake of escalating cyber threats, Australian CEOs have identified cybersecurity as their topmost priority for 2024 and beyond, according to a survey conducted by KPMG. Titled ‘Keeping us up at night,’ the report is based on the responses of over 300 CEOs and brings to light the heightened concern about cyber risks following a series of significant cyberattacks.

Mounting Cyber Threats

The urgency around cybersecurity was sparked by a severe breach of Medibank’s sensitive customer health records in October 2022. The situation worsened with a cyberattack on DP World ports, threatening the holiday shopping season in November. These incidents have underscored the vulnerability of data and systems to cyber threats, making cybersecurity a pressing issue for CEOs.

Government’s Role in Cybersecurity

As the digital landscape becomes increasingly perilous, the government has been focusing on rebalancing responsibilities in cyber and moving towards new substantive requirements. The National Cybersecurity Strategy, new regulations, incident reporting mandates, and new cyber mandates are some of the top cyber issues for 2023 and are expected to continue influencing the cyber landscape in 2024. The government’s efforts are aimed at streamlining the multitude and varied number of confidential and public reporting requirements, which directly impact how regulators treat incidents and victims.

Impact on Industries

Industries worldwide have felt the sting of these cyberattacks. First American, a title insurance giant, suffered a cyberattack that raised concerns about the company’s risk mitigation issues and security concerns in the title insurance industry. Similarly, Fitch Ratings is monitoring the situation after Fidelity National Financial, the nation’s largest title insurance firm, was hit by a suspected ransomware attack. These incidents have highlighted the pressing need for robust cybersecurity measures.

The Road Ahead

Going forward, cybersecurity experts are advising companies to ensure they have at least basic cybersecurity measures in place to protect their systems. These include implementing guidance based on a NIST framework, using strong unique passwords, and checking programmable logic controllers for default passwords. Furthermore, as cybercrime continues to evolve, with AI accelerating its pace, businesses must ensure they are prepared for increasingly sophisticated attacks. As such, the importance of cybersecurity is not expected to diminish, but rather, it will remain an enduring challenge, as noted by KPMG’s chief executive, Andrew Yates.