This week’s Cyber Pulse Mid-Week Briefings cover Australia’s new Cyber Security Bill, rising ransomware claims, Zscaler's AI-driven platform growth, and cyber threats from East Asia, including Chinese influence operations, North Korean tech theft, and costly global data breach claims.
Visa boosts AI fraud detection with Featurespace acquisition, lifting its stock; Experian expands Latin American security by acquiring ClearSale; Booz Allen shares cyber expertise at Singapore International Cyber Week; Torq secures $70M for global growth; SentinelOne and Okta shine in top awards.
With OpenAI’s shift to a $157 billion for-profit model, CEO Sam Altman maintains its mission to "benefit humanity." However, as investors seek high returns and Altman stands to gain equity, doubts arise over who truly benefits from OpenAI’s growth—society or its shareholders?
Federal Government's 2023-2030 Cyber Security Blueprint
Australia's 2023-2030 Cyber Security Strategy boosts digital defences, shifts telecom under critical infrastructure laws, and invests $290.8M in SMEs. It focuses on workforce upskilling, data retention, and resilience against growing cyber threats.
Labor Government's Vision: The 2030 Cyber Security Strategic Framework
The Australian Government's unveiling of the 2023-2030 Australian Cyber Security Strategy (ABC) marks a pivotal moment in the nation's approach to digital security. Spearheaded by Security Minister Clare O'Neil, the strategy's release is particularly timely, following the substantial data breaches impacting millions of Optus and Medibank customers and the alarming 23% rise in cybercrime reports over the previous year.
The CNC editorial news review on cyber policy focused on the federal data retention requirements. This review aims to mitigate risks and reduce burdens associated with the prolonged storage of significant data volumes.
The strategy also underscores the expansion of the Digital ID program. This initiative facilitates online verification without excessive personal data sharing, thereby limiting sensitive information exposure for both individuals and entities.
In a significant regulatory shift, telecommunication providers are set to align with other critical infrastructure sectors.
Home Affairs Minister Clare O’Neil outlined new plans to class telecommunications as ‘critical infrastructure’ for the first time under the Security for Critical Infrastructure Act (SOCI).
This move involves transferring the security regulation of the telecom sector from the Telecommunications Act to the Security of Critical Infrastructure Act
Financially, the strategy is substantial, with nearly half of its funding - $290.8 million - earmarked for small and medium-sized businesses. This investment will support public awareness, combat cybercrime, disrupt the ransomware business model, and enhance the security of Australian identities.
Furthermore, there is a planned investment in establishing consumer standards for smart devices and software. This is coupled with initiatives to professionalise the cyber workforce and accelerate the cyber industry's growth.
A notable allocation of $9.4 million is dedicated to developing a threat-sharing platform for the health sector, with potential expansion to other fields.
Minister O'Neil emphasised the strategy's critical nature, stating,
“The strategy is bold and ambitious, and it has to be. The last five years have made one thing abundantly clear: we simply can’t continue as we are.”
In an ABC interview with Alastair MacGibbon, Chief Strategy Officer at Cyber CX, the strategic implications of the ABC were further explored. MacGibbon emphasised the resolution of the Australian labour force shortage and the necessity for both domestic training programs and international talent recruitment to enhance cyber capabilities.
"Upskilling is crucial. We must leverage existing skill sets and strategically augment them to address this widespread issue. It's about changing the narrative around our country’s ability to tackle cyber threats effectively.”
- MacGibbon highlighted.
Moreover, he stressed the importance of talent distribution and increased training opportunities, stating, "We're committed to finding the right people over three years. If other companies, like Microsoft and others, join in training people, it would significantly boost our capabilities."
The sentiment resonates across various layers within the cybersecurity services industry.
Mark Mantakoul, General Manager at Zirilio, provides valuable insight into the resilience challenges faced by Australia’s cybersecurity workforce.
Zirilio's general manager emphasises the need for increased attention from federal governments to support business services with adaptive policies, thereby enhancing the future talent pool.
“By prioritising the development of cyber skills, the strategy intelligently addresses the often-overlooked human element in cybersecurity, ensuring a well-equipped workforce ready for future challenges.”
– Mr. Mantakoul reaffirmed.
Mantakoul underscores the paramount importance of National experts in cybersecurity acquiring the skills necessary to deliver first-response services.
The 2023-2030 Australian Cyber Security Strategy, thus, represents a comprehensive and forward-looking approach, aiming to fortify Australia’s cyber defences in an increasingly digitised world.
Governor Gavin Newsom vetoed Senate Bill 1047, which would have enforced strict safety measures for AI models with over $100M in funding. He argued the bill’s focus was too broad and advocated for more targeted AI regulations that address risks from smaller, less costly systems.
Europe faces a critical choice: embrace AI innovation or enforce restrictive regulations? Fragmented rules risk leaving Europe behind in AI advancements and economic growth. Clear, unified policies are key to keeping Europe competitive in the global AI race.
The UAE is stepping up its AI game, with Sheikh Mohamed bin Zayed al-Nahyan meeting US President Joe Biden to boost AI cooperation. As the UAE shifts from oil to tech, it's deepening ties with US firms and tackling hurdles like AI chip restrictions, aiming to lead the global AI race.
Telegram is tightening its policies, sharing user IPs and phone numbers of criminals with authorities. As hybrid warfare blends state-backed hacking with cybercrime, Telegram faces pressure to curb illegal activities exploiting its encryption features.