Australian directors alerted to cybercrime threats - News - Business

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Australia.
--------------------------------------------------------------

Australian directors alerted to cybercrime threats

By Vivienne Fisher, ZDNet Australia
June 07, 2002
URL: http://www.zdnet.com.au/news/business/soa/Australian-directors-alerted-to-cybercrime-threats/0,139023166,120265835,00.htm

Australian company directors and officers are being warned of the damaging impact cybercrime can have if they don't address risks effectively.

Leif Gamertsfelder, head of the e-security group at law firm Deacons, outlined the potential pitfalls at an Australian Institute of Company Directors briefing yesterday.

Cybercrime has been garnering increased interest in Australia over the past week, with the Federal Government announcing finalisations to a bundle of counter-terrorism bills on Wednesday. Federal Attorney-General Daryl Williams has described the proposed legislation as a response to September 11.

Gamertsfelder warned that senior management must be in control, and look at the gravity of the harm. He added that e-security was about processes, not technology.

He outlined the possible implications businesses may face, such as obligations by directors under the Corporations Act. -If an e-security breach has occurred due to a failure by a company to take reasonable steps to implement robust e-security architecture, ASIC [and] shareholders may want to know what steps, if any, the directors took to prevent the breach of network security," Gamertsfelder said.

Company directors and officers needed to guide and monitor management and make sure they had the appropriate information, he said. -It's important to get the balance right-you can't blindly follow what the IT security [manager] or IT manager says," Gamertsfelder said. -It's very important to be fairly robust in questioning people about their abilities in this area."

Mike Rothery, senior adviser for national information infrastructure at the Federal Attorney-General's Department, also urged business leaders to consider the range of e-security vulnerabilities they might be subject to. -There are no absolutesâ€"it's all to do with risk management," Rothery said.

Rothery said that there was no panacea or complex fix, and that businesses should be aware of the human factor, such as employees, when managing the e-security risk.