CFOtech Australia - Technology news for CFOs & financial decision-makers
Story image

Building consumer trust and cyber resilience in Australia

Yesterday

The Imperative of Data Transparency and Security
As Australia embraces the age of Artificial intelligence, the cloud, and 'digital economy' applications, the management of consumer data is central to the competitiveness of some of our most important and iconic industries.

As I return to the ANZ region after a long career across the Asia Pacific working in technology company leadership roles, Australians rightly have concerns about how their data is used by many organisations which they interact with daily. This includes retailers, banks, insurance companies and even health organisations.

While Australians embrace the benefits of the cloud, excellent internet access, applications, and data-based decision making, data security is still a major concern for many enterprises and brands in Australia.

Based on recent in depth research from Cohesity, urgent changes are starting to occur in the understanding of the regulatory environment at the board level policy of all companies to address the challenges of trust amongst Australian consumers with the brands and enterprises handling their data.

The Importance of Trust in Business Resilience
Trust is the cornerstone of any successful business relationship, and this holds especially true in the context of data security. For businesses looking to establish and maintain resilience, securing consumer trust is non-negotiable. In Australia, consumers are notably wary of technology and the potential for cyber breaches. This wariness underscores a broader trend where Australians, historically early adopters of technology, now face an erosion of trust when their personal data is compromised.

Survey Insights and Consumer Awareness
To test this idea, earlier this year Cohesity commissioned a report to dive deeply into consumer trust around how their data is being used. The report compared the attitudes of thousands of Australian consumers with their peers in the US and the UK. In total, 6000 consumers participated in the survey - 2000 from Australia.

The report consistently shows that Australians have the lowest levels of trust around their data.

Amongst its many alarming revelations, the study concluded that 88 per cent of Australians (vs 74% in the UK and 85% in the US) want to be asked for permission before their personal or financial data is fed into AI models; The vast majority of respondents (79% in the UK, 87% in the US, and 90% in Australia) want to know who their data is being shared with; and 90 per cent of Australians want companies to vet third-party providers' data security and management practices with access to customer data.

This clear call for more control, transparency, and protection around their data is largely motivated by respondents' negative experiences. Unsurprisingly, most respondents are highly critical of buying access back to their compromised data - essentially fuelling cyber criminals' business model with fresh capital.

Our observations reveal that Australia is somewhat behind other regional nations in terms of cyber resilience, and this can be for a variety of factors.

Reasons for Cyber Resilience Challenges
Several factors contribute to Australia's current cyber resilience challenges. Historically, Australians have integrated technology deeply into their daily lives, relying heavily on digital solutions.

The surge in the adoption and applicability of cloud-based technology and its ability to enable organisations to make sense of immensely large amounts of consumer data – previously impossible – has meant that we have entered a new era of data-led consumer behaviour. The rise of generative artificial intelligence has supercharged this transition.

Taken together, this dependency means that data breaches and technical failures lead to a profound sense of betrayal and a loss of trust.

Unfortunately, as we have seen too often, the 'bad guys' know how to use technology too, including AI, and so we have found ourselves in a situation where the capacity to protect our data has not kept pace with the myriads of ways in which cyber criminals can access it.

That's partly to be expected, unfortunately. Every leap in technology use has been associated with crime.

But this only makes it more imperative than ever for two things to happen, for Australians to again trust their major institutions with their data. 

Institutional and Regulatory Gaps
What are the implications? Firstly, and most obviously, the Cohesity study shows clearly that cyber resilience is a board level problem for companies. It's no longer an issue which is the sole responsibility of IT or cyber security experts, who in many cases are four or more levels below the CEO and rarely if ever present to the company board.

In my anecdotal observations, Australian boards must continue to focus on cyber resilience from a strategic perspective.

Secondly, the regulatory landscape and policy frameworks in Australia must also continue to evolve and sharpen their focus on data protection for Australians. Agencies like the Australian Signals Directorate (ASD) and other regulators are now making significant strides in this area, but there is always more work to do to ensure we, as a wider society, close gaps that cybercriminals can exploit, further eroding consumer trust.

The Skills Deficit
Another critical issue is the skills gap in cyber resilience. Australia needs a larger workforce with the necessary skills to manage and protect against cyber threats effectively. This includes fostering diversity-based skills that can bring fresh perspectives and innovative solutions to the table. It is clear that the industry as a whole needs to prioritize developing a skilled and diverse cybersecurity workforce.

The Path Forward
Looking ahead, the security and protection of personal data will continue to be critical concerns for both consumers and organizations. It is encouraging to see that Australians are becoming more aware of the risks and are demanding greater accountability from businesses that hold their data. This heightened awareness, reflected in our research, signifies a positive shift towards a more informed and vigilant consumer base.

To build and maintain trust, companies must prioritize transparency in their data handling practices. This involves clear communication about how data is collected, stored, and protected. By doing so, businesses can foster a sense of security and trust among consumers, which is essential for long-term resilience.
 

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X