The week in security: Helping the industry towards cyber resilience

Tired of worrying about supply chain weaknesses in addition to your own? There were suggestions that big businesses should actively help smaller businesses improve their cybersecurity, since they share a vested interest in data being protected.

That’s a potentially good idea made even better since Australia, by one account, only has 7 percent of the supply of cybersecurity skills that it needs.

Indeed, software security is still in its Wild West days, one security professional has opined, and that is not necessarily a good thing.

The journey towards cyber resilience is a long one, after all, and many people are still taking a much too-technical approach to promoting it.

Another sign of its still-evolving maturity is the persistently low representation of women – an issue that was discussed during the recent Technology in Government conference in Canberra.

As the industry worked on professionalising itself, criminals were targeting bank employees with exploit-laden Microsoft Publisher email attachments.

North Korean hackers were targeting Mac users with a Trojan cryptocurrency app, while ransomware called Ryuk managed to extract $US640,000 from its corporate victims in a matter of weeks.

Money wasn’t the only thing being extracted: US communications giant T-Mobile revealed that hackers had extracted personal data from its servers, and was in damage control as it worked out the scope and repercussions.