Australia could become Asian cyber security base, says CBA’s security chief
- 10 March, 2015 13:00
CBA's chief information security and trust officer, Ben Heyes
Australia could become a beachhead of cyber security capabilities into Asia due to our stable ICT and economic environment and comparatively high level of trust compared to our neighbours in the region.
This is the view of Commonwealth Bank’s chief information security and trust officer, Ben Heyes, who was speaking at an event on Tuesday hosted by the Committee for Economic Development of Australia and PwC.
“We [CBA], think there’s an opportunity for Australia to reposition its economy to leverage cyber security as a capability into Asia,” he told attendees.
Heyes said our immediate neighbours are operating in a different environment with China often constrained by accusations that its military is directly involved in its ICT and security industry.
He said China, Indonesia and Thailand are the three most likely places where individuals and businesses would suffer a cyber attack, Vietnam is one of the top three sources of malware distribution, and India is a main source of ransomware.
“The ICT environment across Asia-Pacific entities and their countries has a quite a significant threat context associated with it when contrasted with Australia,” he said.
Heyes said the UK is establishing a £6 billion export industry around cyber security, positioning itself as a capable nation able to defend itself, as well as a contributor of cyber security skills into the European market.
He believes Australia has the right ingredients – a regulated environment, healthy economy, culture of innovation, early adoption of technology, and political stability – to do the same.
But we need to get our “home front” sorted first and make Australia a hard target for cyber criminals, he said.
“We also, and I think about this in economic terms, have the opportunity to lift the maturity of some of the discussions as we think about some of the threats. We have been naturally rebalancing some of our investments from just preventative technologies into detective, responsive and predictive, or intelligence-based technologies and controls,” he said.
CBA itself directly sees the need to link cyber literacy with financial literacy and are preparing to exactly that, he said.
An example of this is CBA’s recent agreement with the Australian Federal Police to step up the fight against online bullying and child exploitation on the Internet.. Volunteers are working with the AFP to educate parents and students about cyber security online.
“Sixty-three per cent of attacks within Australia are directly related to those issues of social engineering,” said Heyes. “Not only is this potentially sowing some seeds for excitement and interest in an ICT career, it’s also a direct response that we need to think about.”
Heyes said a focus on ICT education and working with universities on an appropriate curriculum will be critical to provide a workforce with the right skills to exploit the opportunity for Australia to become a regional hub for cyber security.
Meanwhile, CBA is seeing a fast take up of innovations such as contactless transactions, cardless ATMs, and real-time banking.
“If we look at our credit card transactions, one quarter of them are using contactless technology. So we have a strong appetite within Australia for innovation and the adoption of digital services,” he said.
The bank is also looking at using biometrics and cryptocurrency technologies. It recently invested $5 million with the University of New South Wales to research quantum cryptography.
“Quantum mechanics and quantum cryptography potentially has a whole range of applications, some of those being in the financial services sector – but all of this allows us to harness greater computational power and execute faster encryption and decryption of private messages and help us secure transactions and interactions with our customers,” he said.
Follow Byron Connolly on Twitter:@ByronConnolly