Menu Close

Cyber security: A real life game of threats

A cyber-criminal has just launched an attack against your enterprise database and is attempting to steal your sensitive data. You have 90 seconds to formulate a response. If you make the wrong decision, you will lose your data.

This is a simulated cyber-attack from PwC’s interactive card-based game Game of Threats, but scenarios like this are becoming commonplace. In fact, cybercrime has moved from being statistically insignificant over the past 6 years to being the number one economic crime in Australia, according to PwC’s 2016 Global Economic Crime Survey.

Australian business leaders are harnessing new technologies such as robotics, automation and AI to drive productivity and growth, and while these innovations have the potential to reinvent the way we do business, they are increasingly both the motivation and opportunity for attack.

According to PwC’s recent CEO Survey, 80% of CEOs are concerned about cyber threats. However, when asked what areas of business CEOs wanted to strengthen to capitalise on new business opportunities (such as robotics), not a single CEO mentioned cyber security. This is despite cyber risk being ranked as a significant threat to business growth and trust.  

Instead of just stealing your data, what if attackers took control of your automated machinery or shut down your entire assembly line?  The impact of a cyber-attack could potentially extend beyond economic losses to include health and safety impacts.

For companies to truly embrace innovation, CEOs must plan for the risk involved.

Cyber security checklist

  1. Prepare for the worst.
  2. Integration and collaboration with customers and suppliers are critical to maintaining trust when things go wrong.

  3. Evaluate your preparedness to deal with cyber threats.
  4. A swift and effective response will minimise damages and help you rebuild lost trust.

  5. Accept ownership of cyber security across the whole of the business
  6. This includes IT and Operating Technology. Think about how your customers and suppliers fit into your IT ecosystem.

  7. Determine your exposure to third-party risk.
  8.  
    How safe are the systems of your suppliers?

  9. Consider the impact of new tools and technologies
  10. Consider the impact of new tools and technologies on your risk profile, policy and operating procedures.

  11. Determine the impact of automation
  12. On culture, people and training.

  13. Evaluate
  14. Evaluate whether you are committing adequate time, resources and budget to support your holistic view of cyber security.

In Game of Threats defensive teams are typically successful if they agree on a robust strategy at the beginning and follow it through to completion. Players who are reactive may get ahead in the short term but tend to be the least agile and obtain no long-term benefit from ‘spur of the moment’ investments.

For more information on why cyber security is 1 of 5 key areas that Australia’s CEOs should focus on this year to set their companies up for long-term, sustainable success, visit www.pwc.com.

1 Comment

  1. Frank Theilen

    Well explained. I only want to point to number 3. that cybersecurity needs to be addressed in all of the business and therefore needs to have business owners. Someone has to confirm the action taken by IT/security personnel if they have to. Also someone has to address topics with employees and review the performance. Do you have cybersecurity as an assessment in your application, onboarding and performance review process?

Leave a Reply