Where Does Australia Rank for Cyber Security?

Large security incidents over the last few years, but particularly in 2022 (looking at you, Optus), have highlighted to Australians how fragile data security can be and how lax some businesses have been with our sensitive information.

Australians are getting more data-savvy and there is legislation in place here to protect us, such as the Security of Critical Infrastructure Act 2018. But, how does that policy, and our country, rank in terms of cyber security on a global scale?

Let’s take a look at where Australia ranks for cyber security.

Which country has the best cyber security?

Worldwide, the level of cyber security a citizen can expect can vary wildly, from efficient reporting and protection, to somewhat protected, to the wild west of data theft and regulation.

To give some context of where Australia ranks on a global scale, I thought it would be helpful to tell you which country ranks best for cyber security.

The US.

The United States has the best infrastructure, experience, security firms and regulations in place to implement, address and investigate data breaches; because they’re one of the countries most heavily targeted.

While the US might be the ‘best’, let’s can give a respectful nod to other countries like Denmark, UK, Finland and NZ who are closing the gap and constantly updating their cyber security infrastructure and have been named some of the top countries for cyber security by the UN’s E-Government Survey.

What about Australia?

So, where does Australia rank in comparison?

In the above-mentioned UN Survey, the Australian Government’s cyber security is ranked 7^th and 5^th on the Belfer Center’s Power Index 2022

Good, not great.

And, the string of massive data breaches we saw throughout 2022 are a stark reminder that we could be doing a lot more.

With policies such as the Security of Critical Infrastructure Act 2018 a business must alert the Australian Cyber Security Centre of a data breach within 12 hours of becoming aware. But this just alerts Australians that there has been a breach, it doesn’t prevent a breach from occurring.

Compare this to Europe who have the GDPR in place since 2018 – one of the strictest privacy and security laws in the world.

“it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU… The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros.” source

They’re protecting EU citizens, reducing the opportunity for data to be stolen, where Australians don’t yet have the same level of protection.

 

Australia does have some regulation and policies in place that have improved the country’s cyber security but we’re still falling behind countries like Finland and Europe that have aggressive protections in place for their citizens.

Australia falls into a comfortable, but could-be-improved 7^th place with large data breaches through 2022 flagging just how vulnerable we still are.

We predict 2023 will bring with it more data breaches from large companies that are woefully unprotected.

So, who will be the next business to hit a PR disaster?

Have a question about Cyber Security? Get in touch.

« Back to News