Publications

Cybersecurity as an enterprise-wide business risk

Home Insights Cybersecurity as an enterprise-wide business risk

Contributed by:

Contributed by: Liz Blythe

Published on:

Published on: November 30, 2017

Share:

With a new Government committed to digital inclusion and growing the technology sector's contribution to GDP, Cyber Smart Week is a timely opportunity to reflect on the risks associated with our ever-increasing reliance on digital technologies and the importance of being properly prepared.

Cybercrime globally has been described as being at "another level" over the last 12 months by Europol, who reference ransomware attacks such as 'WannaCry' that indiscriminately affected millions of victims worldwide, and in addition to ransomware attacks, botnets, data breaches, attacks on bank networks and payment fraud, which have also all been significant features of 2017.

The rise of artificial intelligence and machine learning is helping cyber criminals to launch more sophisticated attacks, more quickly, than ever before. The recent explosion of cryptocurrencies has facilitated the anonymous funding of these criminal activities with cybercrime-as-a-service and other organised cybercrime on the rise globally. New Zealand has not been immune from attack and, in the digital world, our relative obscurity has not proved a reliable means of security.

Building cyber resilience: The state of the nation

According to Internet NZ, there are potentially $34 billion in productivity savings to be made if the internet were to be used more efficiently. As these potential savings drive adoption of cloud services and the digitisation of traditionally manual tasks, the quantity of personal and business data that will be accessible digitally and passed back and forth through millions of devices each day, is increasing exponentially.  

Which brings us to the Internet of Things. This relative newcomer has quickly gone mainstream and poses a whole new challenge in cyber security preparedness. Information can now be accessed not just from public networks, but also private devices such as home automation systems, smartphones and cars. Studies are beginning to show that many of these interconnected devices have serious vulnerabilities, which could potentially provide backdoor access to connected systems.  

Yet, emerging technologies are helping the good guys as well and 2017 has been a year of new and innovative developments in the fight against cybercrime. Big data analytics, AI and machine learning are all helping to identify and analyse threats more quickly and are assisting us to be swifter in recognising, understanding and responding to new types of digital crime.

Netsafe's Re:scam service is even using chatbots to reply to scammers' emails and occupy their time so they don't have as much capacity to target real businesses and people.

Plan your response to digital extortion in advance

Government initiatives such as CERT NZ are raising awareness, gathering data and identifying trends that will hopefully enable us to be more proactive in our efforts and more efficiently target our cyber security spend to key risk areas affecting New Zealand.

Global regulatory trends in data protection and cybersecurity offer more comprehensive regulatory regimes, increasingly rigorous compliance obligations and steeper penalties for breaches.

With the New Zealand Privacy Act under review and a new Government in support of a Digital Bill of Rights Act, it is likely New Zealand could follow suit sooner rather than later.  

In this dynamic environment of constantly changing threats, ever-increasing digitisation and a global trend towards more stringent regulation, cybersecurity is no longer just a technology risk, it is an important enterprise-wide business risk both in New Zealand and throughout the world.

As published recently by CIO New Zealand.


This article is intended only to provide a summary of the subject covered. It does not purport to be comprehensive or to provide legal advice. No person should act in reliance on any statement contained in this publication without first obtaining specific professional advice. If you require any advice or further information on the subject matter of this newsletter, please contact the partner/solicitor in the firm who normally advises you, or alternatively contact one of the partners listed below.

Talk to one of our experts:
Related Expertise