The global arms race between cybersecurity experts and scammers is still raging and increased digital literacy is needed to ensure all Australians can securely navigate digital systems, according to experts at an Optus and Australian Financial Review roundtable. Developments such as voice-activated technology could make digital navigation easier for Australians who lacked digital literacy, said Optus Enterprise and Business managing director Gladys Berejiklian.
“It will be easy to use advanced apps that are around the corner,” she said. “I think that’s where government has leant in, in terms of provisioning some of those opportunities.”
Remote work is driving innovation in cybersecurity including secure fleets of devices, Berejiklian said, adding that businesses were concerned about the remote employee experience as well as network security.
“You want your employees to be productive no matter where they are, but you also want to ensure that your systems at all times are secure,” she said, adding that employers could use dashboards to monitor remote employees’ output to boost productivity and prevent burnout.
“You can have dashboards where you can, for safety reasons, see how many hours employees are doing something,” she said, adding the employees could be reminded to have a rest if necessary.
Australia’s cybersecurity needs to be balanced with consumer choice and encouraging innovation, the roundtable experts agreed, with consumer demand driving a boom in digitised payments and a consumer-led push for an easy way to prove digital identity without resorting to photos of passports and driving licences.
Other nations such as Estonia, Singapore and the Nordic countries have been much faster to embrace digitised identity, said Andrew Black, managing director at ConnectID, a company which gives consumers the option to verify their digital identities by using their bank apps.
“The Australia card debate fairly solidly crystallised that anything that we do here needs to be voluntary, consumer-led and provide choice,” he added.
The federal government has introduced a “trusted digital framework” which allows for a public-private sector exchange of identity and data, Black said. It allows consumers to choose where their data is stored. It reduces the business risk associated with data storage as well as improving productivity by reducing manual scoping of data and providing for faster online interactions, he added.
“What that realistically means is that instead of having to take a passport or driving license when you want to go to open a bank account, you could use MyID, or you could use a ServiceNSW digital identity or digital driving license or a bank identity, which we provide with Commonwealth Bank, and now NAB, ANZ and Westpac,” he said.
While the old-fashioned 100-point check was still king In Australia, he added, ConnectID was now working with the federal government to join public and private sector digital identity networks.
The big questions were how to accelerate the pace of change and how to align regulations, Black said. “The technology’s there,” he added. “The technology is never the issue. It’s how do we catch up with pace and policy and regulation and alignment so as to enable the usage.”
The federal Department of Finance has been consulting widely on digital identity, he added, and recognised that the pace of regulatory change needed to accelerate to leverage the benefit of advances in digital technology and move to a more secure digital economy.
Onshore data centres would provide increased security and resilience, and would also keep costs down by boosting competition, Black said. Domestic sovereignty was important across the board, and Australian data centres would reduce reliance on Silicon Valley, he added.
“We’re always going to want to collaborate and look to partner with international leaders in APAC and in the US,” he said. “But I think having our own frontier models here in Australia is pretty important.”
Meanwhile, Australian organisations continued to be hit with cyberattacks and lacked confidence in their ability to counter them, researchers have found.
Cisco’s Cybersecurity Readiness Index found 82 per cent of surveyed organisations said they had been subjected to an AI-enabled attack in the last 12 months and only 3 per cent said they felt ready to deal with it, said Cisco president Asia Pacific, Japan and Greater China, Ben Dawson.
What companies were trying to protect had changed, Dawson added. Whereas once it was limited to data held within the organisation, it now extends down through supply chains into small and medium businesses, consumers and third- and fourth-party providers.
“Solving that cybersecurity threat or combating AI threats with AI-enabled tools is going to be really important, and that’s going to require a collegiate response government and industry,” he added.
That will require a delicate balance between coordination and innovation. Organisations could choose to manage their cybersecurity and their data in-house or they could decide to take advantage of the innovation underway offshore and possibly play a role there, Dawson said.
“I think if we over-regulate,” he added, “we risk putting the digital shutters up around the island and not getting the full advantage of the global community that’s building and growing innovation in this space.