Benchmarking cybersecurity best practice
The 2017 and 2018 editions of Australia's Digital Pulse highlighted tremendous opportunities, with digital technologies forecast to be worth $139 billion to the Australian economy in 2020 – equating to seven per cent of GDP.
Further adoption of digital technologies could add an extra $66 billion to Australia's GDP over the next five years. Deloitte Access Economics modelling also suggests that Australian businesses' greater focus on cyber security could increase business investment by 5.5% and wages by 2.0%, employing an additional 60,000 people by 2030.
These opportunities need to be earned, however. A robust cybersecurity ecosystem is a mandatory prerequisite for continued economic growth. On average, a cybercrime attack costs a business in Australia more than $400,000. Who can businesses trust to get the fundamentals right?
With heightened awareness of the need to lift cyber resilience in Australia, an ACS Cyber Taskforce, headed by senior cybersecurity expert Professor Jill Slay, was established to review global cyber security frameworks and identify best practice professional benchmarks that would be fit for purpose here in Australia. Frameworks examined included:
- US Department of Defense Information Assurance Workforce Improvement Program
- National Institute of Standards and Technology, US Department of Commerce
- National Initiative for Cybersecurity Education, Cybersecurity Workforce Framework
- US Department of Labor Cybersecurity Industry Competency Model
In September 2017, ACS announced its extension of our professional certifications scheme by introducing Cyber Security specialisations.
Certifications from ISC2 and ISACA, who partnered with ACS on this launch, were used to determine professional practice benchmarks when levelling ACS standards.
ACS flagship publication Information Age has since showcased several professionals achieving ACS certifications in cybersecurity. This publication is a compilation of those articles. It provides a fascinating insight into the multi-disciplinary nature of cybersecurity across various verticals, including aviation, banking and finance, audit and risk, consulting, and healthcare.
By employing professionals with a CP (Cybersecurity) certification, Australian businesses and governments are well-placed to lift their cyber resilience.