Cyber: your whole organisation is the attack surface

Cyber security underpins the modern world. Without effective safeguards, the world grinds to a halt or is held to ransom. Cyber risk is pervasive and can destroy organisations if not taken seriously. KSIB focuses on providing strategic advice to effectively and efficiently manage this risk. Our work in this area is led by one of Australia’s most experienced technologists and security experts. We work extensively with AI and we partner with other cyber experts when needed. Our main areas of focus include: 

  1. Strategically understanding and managing cyber risk 

  2. Board and executive cyber risk governance 

  3. Breach and incident preparedness and response 

  4. AI security 

Boards and senior executives cannot outsource the management of this pervasive risk to CIOs and CISOs. It is important that those charged with governance understand the changing risk landscape. For example, in an AI enabled world, the cyber risk has just increased exponentially. If a breach does occur, it is often the non-technology executives who need to take responsibility for the holistic management of the issue, and there are many areas to consider. In our experience, for large organisations, approximately a dozen key areas of the organisation will need to be involved in the preparation for, and management of, a breach.  

KSIB Cyber Case Study

Case Study 01

Understanding the full scope of a cyber incident

2022, Australia

In 2022, a major Australian organisation was breached. Nearly 10 million confidential records were exposed. The attackers got in through stolen credentials. Nothing sophisticated.

The response required more than a dozen parts of the organisation

The ransom decision sat with the board, not the IT team. Responding to the breach required coordinated action across:

  • Board
  • Law enforcement
  • Media
  • CEO
  • Customer communications
  • Government relations
  • Legal
  • Insurers
  • Regulators
  • External forensics teams

Organisations that have not stress-tested their preparedness, forensic logging, analytics and response capabilities across every one of those functions should be asking: what happens when the threat is no longer a stolen password, but an AI that can find and exploit weaknesses faster than any human attacker?

Now is the time to test your preparedness: across the board, not just in IT.

KSIB can strategically assess your situation and help you strengthen your defences or respond to a threat or incident. Our team brings differentiated capabilities including strong AI security experience as well as leadership experience beyond technology leadership in handling breaches and incidents.