In New Zealand, Hacking Is A Serious Business
The concerns of New Zealand's leading chief executives vary but if there is anything close to a consensus, it is that cybersecurity is major one.
On a scale of one (equaling no concern) to 10 (extreme concern) respondents to the Mood of the Boardroom survey rated cybersecurity 7.16/10 out of a list of 16 international factors.
To underline the scale of their concern, almost twice as many chief executives rated cybersecurity at 9/10 or 10/10 as they did the next most concerning issue, the outcome of the November 8 US presidential election.
Scott Bartlett, CEO of Kordia, the Government's broadcast and telecommunications network operator, believes we need to get serious about the threat posed by cybersecurity vulnerabilities. "As a country, we are immature when it comes to understanding and coping with the risks associated with cybersecurity," he said. He ranks it as one of the top three issues facing the nation.
Though acknowledgement of the risks may not be as widespread as it could be, it is certainly at the forefront of the minds of many New Zealand business leaders. "Seeing that our technology is robust from cyber-attacks is a key priority," said Cathy Quinn, chair of Minter Ellison Rudd Watts. "Failure to successfully manage this risk has the potential to fundamentally threaten the viability of our business.
"Cybersecurity is something we take seriously and we are grateful for the quality of the team we have who are focused on preventing attacks and responding to cyber threats."
Facilitating that response can sometimes mean internal and external frustrations, such as when email might be blocked because it appears suspicious to firewalls.
But that's a cost Quinn sees as well worth bearing: "We trust, though, that our people and clients will accept the occasional frustration given that the objective is to protect confidential client and business information."
When asked for their business priorities for the year ahead, many other executives also pointed to addressing cybersecurity risks. A retail sector CEO identified "enhancing the risk environments across the business, especially cyber risk," as a major focus. Z Energy CEO Mike Bennetts ranked risk management as a key priority -- two examples of the diversity of risks on his radar were cyber security and climate change.
The fact that cybersecurity now ranks alongside what have long been seen as the world's greatest challenges is telling. A real estate director said, "Both terrorism and cybersecurity are always cause for concern of the highest level, as we do not know when and where it will next hit."
In light of the increasing acknowledgement of the risk, there are opportunities for the businesses that help address it. Kordia acquired Aura Information Security, a leading cybersecurity company, for just over $10m in late 2015.
Bartlett sees addressing cybersecurity threats as a potential selling point for New Zealand.
"We are small enough to make our little country a stand-out example of how to get it right," he said. "If we can, our cyber-safe brand will be as important as, and more credible than, 100 per cent Pure New Zealand."
According to a report cited in the Government's National Plan to Address Cybercrime, released in 2015, the annual cost of cybercrime to the global economy has been estimated at US$400 billion.
Notable examples of cyber-attacks in recent times include the 2015 server breach of VTech, a children's toy manufacturer, and Anthem, a health insurance company.
The former resulted in the theft of 4.8 million parents' records, and over 6.8 million children's records. The hack on Anthem saw almost 80 million personal health records exposed.
After Sony was the victim of a well-publicised hack in 2014, thought to be linked to North Korea, the company had to put aside US$15m in the following quarter alone to beef up its cybersecurity systems. Some estimates suggested the true cost of the hack may have been closer to US$100m.
With fallout like that, it's little wonder that New Zealand's CEOs are beginning to take note.
NZ Herald: Insurance & Cyber Vulnerability - Get Your Report for 2016