Cyber head questions “under-reported” risks


Share on facebook
Share on twitter
Share on linkedin

Via Insurance Business Australia

The head of a specialist cyber security firm has questioned the accuracy of recent data published by the government, saying one of the most significant threats appears to be under-reported.

Ahmed Khanji, CEO of Gridware Cybersecurity, suggested figures collated by the Office of the Australian Information Commissioner (OAIC) may not truly represent the risk of insider threats.

The latest OAIC statistics found malicious attacks were responsible for 57% of notifiable data breaches (NDBs) while human error was responsible for 37%.

However, Khanji’s research pointed to insider threats as a more pressing risk.

“Contrary to what’s being reported to OAIC, we’ve found employees are the greatest threat,” he told Emergence Insurance’s latest webinar for brokers. “Consider who has access to your customer lists and email contacts.”

A global study conducted by Willis Towers Watson and ESI ThoughtLab earlier this year found that 87% of executives viewed untrained staff as the greatest cyber risk to their businesses.

Despite this, staff training was found to have made minimal progress when measured against the US-developed, voluntary National Institute of Standards & Technology’s cyber security framework.

“As humans, we keep finding new ways to make mistakes,” said Gerry Power, head of sales at specialist cyber insurer, Emergence. “But, with sound risk management in place, many breaches can be prevented.”

Power also reiterated the risks around poor employee training, and called for better education.

“Employees are the last line of defence, they must be educated to identify such things as dodgy emails and suspicious invoices,” he said.

Gridware is one of the leading cybersecurity providers in Australia, delivering world-class outcomes for our clients. We are uniquely positioned as an independent advisor, giving clients the confidence that they have mitigated their cybersecurity risks to best-in-class standards. If your organisation requires an approach to cybersecurity that is robust and reflects best-standard approaches to the latest threats, get in touch with us today for a discussion.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.