As Australia enters the era of artificial intelligence, cloud and ‘digital economy’ applications, consumer data management is critical to the competitiveness of some of our largest and most important industries. more emblematic.
As I return to the ANZ region after a long career in the Asia Pacific region in senior roles in technology companies, Australians are rightly concerned about how their data is used by the many organizations they work with. interact daily. This includes retailers, banks, insurance companies and even healthcare organizations.
As Australians enjoy the benefits of the cloud, excellent internet access, applications and data-driven decision-making, data security remains a major concern for many businesses and brands in Australia.
Based on recent in-depth research by Cohesity, urgent changes are beginning to occur in understanding the regulatory environment at board level for all companies to address the challenges to Australian consumers’ trust in brands and the companies that process their data.
The importance of trust in business resilience
Trust is the cornerstone of any successful business relationship, and this is especially true in the context of data security. For businesses looking to build and maintain resilience, earning consumer trust is non-negotiable. In Australia, consumers are particularly wary of technology and the potential for cyberattacks. This distrust highlights a broader trend where Australians, historically early adopters of technology, now face an erosion of trust when their personal data is compromised.
Survey information and consumer awareness
To test this idea, earlier this year Cohesity commissioned a report to delve deeper into consumers’ trust in how their data is used. The report compares the attitudes of thousands of Australian consumers with those of their peers in the US and UK. A total of 6,000 consumers participated in the survey, including 2,000 in Australia.
The report consistently shows that Australians have the lowest levels of trust in their data. Among its many alarming revelations, the study concludes that 88% of Australians (compared to 74% in the UK and 85% in the US) want to be asked for permission before their personal or financial data is entered in AI models. The vast majority of people surveyed (79 per cent in the UK, 87 per cent in the US and 90 per cent in Australia) want to know who their data is being shared with, and 90 per cent of Australians want companies to check their data. third party. security and data management practices of third-party vendors with access to customer data.
This clear call for more control, transparency and protection around their data is largely driven by the negative experiences of those surveyed. Unsurprisingly, most respondents are very critical of buying back access to their compromised data, which essentially feeds the cybercriminals’ business model with new capital.
Our observations reveal that Australia is somewhat behind other countries in the region in terms of cyber resilience, and this may be due to a variety of factors.
Reasons for cyber resilience challenges
Several factors contribute to Australia’s current cyber resilience challenges. Historically, Australians have deeply integrated technology into their daily lives, relying heavily on digital solutions.
The rise in adoption and applicability of cloud-based technology and its ability to enable organizations to make sense of immense amounts of consumer data – something previously impossible – means that we We have entered a new era of data-driven consumer behavior. The rise of generative artificial intelligence has accelerated this transition.
Taken together, this dependence means that data breaches and technical outages can lead to a deep sense of betrayal and loss of trust.
Unfortunately, as we have seen too often, the “bad guys” also know how to use technology, including AI, and so we have found ourselves in a situation where the ability to protect our data has not kept pace myriads of means put in place. which cybercriminals can access it. This is partly normal, unfortunately. Every advance in the use of technology has been associated with crime.
But this only makes two things more imperative than ever: that Australians trust their leading institutions with their data again.
Institutional and regulatory gaps
What are the implications? First and most obvious, the Cohesity study clearly shows that cyber resilience is an issue that concerns corporate boards. This is no longer a matter that is the sole responsibility of IT or cybersecurity experts, who in many cases sit four or more levels below the CEO and are rarely, if ever, present on the board. business administration.
Based on my anecdotal observations, Australian boards need to continue to focus on cyber resilience from a strategic perspective.
Secondly, the regulatory landscape and policy frameworks in Australia must also continue to evolve and become more focused on protecting Australians’ data. Agencies such as the Australian Signals Directorate (ASD) and other regulators are now making significant progress in this area, but there is still work to be done to ensure we, as a wider society, close the gaps which cybercriminals can exploit, further eroding consumer trust. .
The skills gap
Another critical issue is the lack of cyber resilience skills. Australia needs a larger workforce with the skills to effectively manage and protect against cyber threats. This means fostering diversity-based skills that can bring new perspectives and innovative solutions. It is clear that the industry as a whole must prioritize developing a competent and diverse cybersecurity workforce.
The way forward
Moving forward, security and privacy will continue to be a major concern for both consumers and organizations. It is encouraging to see that Australians are increasingly aware of the risks and are demanding greater accountability from the companies that hold their data. This increased awareness, reflected in our research, signifies a positive shift towards a more informed and vigilant consumer base.
To build and maintain trust, businesses must prioritize transparency in their data handling practices. This involves clear communication about how data is collected, stored and protected. By doing so, businesses can foster a sense of security and trust among consumers, which is essential for long-term resilience.