As covered in the Australian news this week, our second largest telecommunications company – Optus – has suffered a very serious data breach. This means that the Personally Identifiable Information (PII) of millions (yes, MILLIONS) of customers has been stolen, and now the company is being held to ransom. Every day that the company does not pay the ransom, the attacker is releasing a small tranche of records; if the company does not pay, I predict that the PII will eventually be sold on the open market (through the dark web). The impact for Optus customers is extremely serious – PII can be used as the basis for identity theft, which can then be used to commit identity fraud. Identity theft means stealing someone else’s identity using PII – for example, using full names, birthdates, passport numbers and driver’s licenses to take over existing client accounts, such as those with banks and governments. Identity fraud means using these now legitimate credentials to “cash out”, for example, by applying for loans or credit in the name of the compromised customer. While customers are sometimes able to recover funds stolen through identity fraud, the compromised identity is often very difficult (if not impossible) to recover.
Breaking down the data breach further, let’s try to work out which roles are needed to identify, prevent, detect, respond and recover (using the NIST Cybersecurity Framework):
Most technical degrees in cyber are focused on Preventing and Detecting cyber incidents, but they don’t prepare students for the critical activities at either end of a cyber response, especially identifying, responding to and recovering from attacks. At AAPoly, our Bachelor of Business (Cyber Security) is designed to equip students with the business skills to understand, plan and manage a whole cyber program, from cyber risk assessment and program management to cyberlaw and digital forensics. This is why we are so excited to be offering Australia’s first undergraduate cyber degree with a business focus!