Strategy the best security defence: AFP

Security policy should cover data contained in devices, physical and virtual environment

While Australian law enforcement agencies are doing their best to combat cyber crime, businesses need to do their part too, according to an AFP assistant commissioner.

Speaking at the Symantec Symposium 2012 in Sydney, Neil Gaughan, who also manages the AFP high tech crime operations, told delegates that the ability for cyber criminals to use technology to commit crime, attack critical infrastructures, and undermine national security was a very real threat that law enforcement agencies were responding to.

“Every organisation, large or small, needs to ensure they have a defence-in-depth strategy for protecting the vital assets on which their business depends,” he said in a statement.

For example, businesses should protect information contained on corporate and employee-owned devices as well as data in a physical or virtual environment.

Gaughan has previously called for mandatory data breach notifications to become law in Australia.

In August 2012, he told delegates at the Cyber Security Summit 2012 in Sydney that there were “significantly more data breaches” in Australia that go unreported compared to overseas countries where mandatory breach notification legislation is in place.

“I can understand why businesses are reluctant to report that [data breach] because it is an issue of reputational damage,” he said at the time.

“However, I think there is a lost opportunity to prevent attacks on victims, and, a lost opportunity for individuals to take mitigating steps to prevent data being compromised.”

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Comments

Comments are now closed

UPDATED: Which NBN plan is best?

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]