Powered by MOMENTUM MEDIA
the adviser logo
Borrower

Government launches cyber security scheme to help SMEs

by reporter11 minute read
Government launches cyber security scheme to help SMEs

The federal government has announced a $26.5-million program aimed at strengthening the country’s cyber security capabilities, particularly within the SME sector.

Under the Cyber Security Skills Partnership Innovation Fund, grants of between $250,000 and $3 million will be provided to improve the quality and availability of cyber security professionals through training.

The fund is part of the $50-million Cyber Security National Workforce Growth Program that forms the federal government’s Cyber Security Strategy 2020.

Eligible activities may include developing and delivering specialist cyber security courses for professionals; retraining programs; professional development; apprenticeships; establishing new internships, cadetships, work experience and staff exchanges; and establishing cyber labs and training facilities.

==
==

Applicants must submit a joint application with one lead organisation, which is the main driver of the project and is eligible to apply, and at least one other project partner.

It is estimated that $13 million will be available for round one of the grants program, which closes on 11 March 2021. The second round of funding is expected to be launched later this year.

Minister for Industry, Science and Technology Karen Andrews said the funding would help build cyber security career pathways as Australia continues its comeback from COVID-19.

“The Cyber Security Skills Partnership Innovation Fund will support partnerships between industry, education providers and governments to build the next generation of cyber security experts,” Minister Andrews said.

“Cyber security is essential to our digital economy and needs to be strong in all areas, particularly in small and medium enterprises, which comprise 98 per cent of all Australian businesses.

“This fund builds on our commitment to keep Australians secure online, and to support building industry capability.”

Cyber security in focus

The move to bolster cyber security of businesses, particularly those in financial services, comes amid a heightened risk environment.

Several large players have been impacted by cyber attacks or incidents as a result of increasingly commonplace malware and ransom attacks.

On 15 January, the financial services regulator was reportedly made aware of a cyber incident relating to the Accellion software it uses to transfer files and attachments, including those on ACL applications. It has since updated its process for lodging ACL applications and attachments as it investigates the extent of the issue.

The breach is the latest in a string of cyber incidents impacting the financial services industry, after the Reserve Bank NZ and law firm Allens both suffered similar incidents in early January.

Indeed, in November last year, APRA executive board member Geoff Summerhayes warned that a major cyber breach in finance was inevitable.

Speaking last year, Mr Summerhayes outlined that while no APRA-regulated bank, insurer or superannuation fund had suffered a substantial cyber attack to date, he added that a lack of awareness among the higher ranks of companies will only make it a matter of time.

The surge in online activity through the COVID period had also presented a “business opportunity” for scammers and the like, he added.

In December, the Council of Financial Regulators (CFR) released a Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework to test and demonstrate the cyber maturity and resilience of institutions within the Australian financial services industry.
The CFR – which includes the Reserve Bank of Australia, the Australian Securities and Investments Commission, the Australian Prudential Regulation Authority, and the Treasury – has developed the framework to assist the financial institutions with the preparation and execution of industry-wide cyber resilience exercises.

CORIE is a pilot program of exercises that will use intelligence gathered on adversaries to mimic the way they operate.

The exercises will mimic the tactics, techniques and procedures (TTP) of real-life adversaries through the creation and utilisation of tools and using techniques that may not have been anticipated and planned for.

According to the CFR, these exercises aim to measure an organisation’s ability to identify, respond and recover from the operations of a real-life adversary based on such TTPs.

The program will include threat intelligence-led exercises to assess the overall maturity of a financial institution’s cyber defence and response capability.

[Related: New ACL application process following ASIC incident]

ai artificial intelligence

JOIN THE DISCUSSION

You need to be a member to post comments. Become a member for free today!
magazine
Read the latest issue of The Adviser magazine!
The Adviser is the number one magazine for Australia's finance and mortgage brokers. The publications delivers news, analysis, business intelligence, sales and marketing strategies, research and key target reports to an audience of professional mortgage and finance brokers
Read more