Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Kapil Kukreja, risk and assurance partner at HLB Mann Judd Melbourne, says cyber security is now a “strategic issue” for Australian businesses.
Credential-based attacks, the adoption of AI, and inconsistencies in governance are a dangerous combination, according to Kapil Kukreja, risk and assurance partner at advisory firm HLB Mann Judd Melbourne.
Taken together, Kukreja said Australian businesses are “facing a perfect storm of cyber security threats”.
“Cyber security is now a strategic issue. Between the rise of AI, increasing attack frequency, and gaps in governance, businesses are exposed on multiple fronts, with many still overlooking basic protections,” Kukreja said in a recent statement.
“Many organisations are still approaching cyber security as a one-off investment rather than a continuous, evolving discipline. The growing sophistication of cyber threats demands not only smarter technologies, but a proactive mindset, embedding security into every layer of the business.”
The nature of the threat goes beyond technological solutions, as threat actors are more than capable of gaining network access via relatively simple means. The recent spate of attacks on Australian organisations has only reinforced the need to get the basics right.
“One of them wasn’t a sophisticated hack; it relied on previously leaked passwords and weak access controls. It’s a warning that the fundamentals still aren’t being done well enough,” Kukreja said.
Kukreja has five key recommendations for any business looking to boost its network security.
Run regular audits of AI usage and adoption to make sure that its use is supported by proper governance frameworks.
“Robust governance frameworks should guide AI deployment to avoid unintended consequences and vulnerabilities,” he said.
Cyber security training needs to be ongoing, not just something done each year or in the wake of a cyber attack.
“Cyber security awareness training should be part of the business, not a checkbox exercise.”
Evaluate and understand third-party risk, and be aware of any vulnerabilities third parties may introduce.
“Limit access based on the principle of least privilege to reduce exposure to external threats.”
Patch early, and patch often.
“Timely patching of software, operating systems, and firmware is one of the most effective ways to shut the door on attackers and maintain a strong baseline security.”
Run regular tabletops to test incident response plans in order to minimise the risk of business disruption and boost recovery time.
“Having a plan isn’t enough; it must be tested under realistic conditions.”
“The threat landscape is evolving rapidly, and businesses must evolve with it – including governance, operations, technology, and culture,” Kukreja said.
“Boards, executives, IT leaders and staff all have a role to play. Cyber security is no longer optional. It’s foundational to business continuity, reputation, and trust. The organisations that act now will be far better positioned for the future.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
