• Cyber Security insights

Cyber Security insights

The cyber security landscape is constantly changing. As a global organisation, BDO monitors the major incidents and emerging trends in Australia and around the world. BDO Cyber Security Updates will keep you informed – subscribe today to have it delivered directly to your inbox.


BDO and AusCERT Cyber Security Survey

2021 BDO and AusCERT Cyber Security Survey Report

The 2021 BDO and AusCERT Cyber Security Survey results are in, and with a record number of respondents this year, it’s evident that cyber security is front of mind for all organisations, regardless of sector or size.

Webinar: 2020 BDO and AusCERT Cyber Security Survey insights

In 2020 there was a global shift in the way organisations do business. Social distancing changed the way business operate, customer interactions and meetings change to virtual, and increase use of technology for collaboration.  

2020 BDO and AusCERT Cyber Security Survey Report

The 2020 BDO and AusCERT Cyber Security Survey results are in. With a new operating environment emerging from the COVID-19 pandemic, our 2020 report highlights a shift in attitudes amongst organisational leaders.

2019 BDO and AusCERT Cyber Security Survey

The 2019 BDO and AusCERT Cyber Security Survey results are in, and with it comes a number of great insights for Australian and New Zealand businesses. 

2018/19 BDO and AusCERT Cyber Security Survey

Results from the BDO and AusCERT Cyber Security Survey 2018/2019 are in and with three years of data to draw upon, there are some great insights for industry.

BDO Cyber Threat Insights

BDO Cyber Threat Insights Report - April 2020

With the rapid worldwide spread of the novel coronavirus (COVID-19) during the past few months, more people are working remotely or exercising ‘social distancing’ than before.

BDO Cyber Threat Insights Report Q3 2019

The global healthcare industry is different from many other industries and faces some unique challenges, because it directly affects human life.

BDO Cyber Threat Insights Report Q2 2019

Most industries and governments are intrinsically and fundamentally dependent on critical infrastructure. These systems and assets, both physical and virtual, are vital to a country’s national security.

BDO Cyber Threat Insights Report Q1 2019

In the past decade, the retail industry has undergone major shifts worldwide due to the rise of the internet. As a result, the burgeoning e-commerce industry has significantly impacted “classic retail” as enormous digital platforms significantly accelerate the pace of digital transformation, with 10 percent of total retail business worldwide being generated by e-commerce.

BDO Cyber Threat Insights Report - Q4 2018

The public sector has historically always been a prime target for cyber-attacks, and over the past few years we have seen an escalation in both the number and severity of attacks, threats, and malicious actors targeting the industry.


How COVID-19 has shaped the cyber security landscape

In 2020, there was a global shift in the way organisations do business. Conversations turned digital, social distancing became the norm, and technology replaced paper.

What you need to know about the Australian Government’s COVIDSafe application

The COVIDSafe application recently released by the Australian Government has come under much public scrutiny. Concerns have been levelled at the privacy of personal information and tracking of individual movements.

Incident response

Ransomware explained - An analysis of the Government's new ransomware action plan

Ransomware traditionally targeted individuals and their computers by locking them down and demanding payment for their recovery. However, ransomware has evolved over the past five years, with cybercriminals realising they can extract more money from organisations than individual people.

The BDO and AusCERT 2018/19 Cyber Security Survey: Response not just prevention

The 2018/2019 survey found that there has been a genuine and extremely positive uplift in cyber awareness (especially at senior levels), although more work needs to be done to improve cyber incident response plans.

Compliance with cyber security regulations is just the first step

There’s been much change to the cyber security regulatory landscape in Australia in recent years. Of greatest impact has been the introduction of the Privacy Amendment (Notifiable Data Breaches or NDB) Act 2017, or, ‘Notifiable Data Breach Reporting Scheme’, in February 2018.

Are you cyber security mature? Reducing the chance of successful attacks

Do you consider your business to be cyber security mature? If a cyber incident occurred in your organisation, would you be able to detect the incident and minimise the damage? Unfortunately, for many companies the answer is no.

Risk assessment

Digital transformation: Begin with cyber security in mind

It is not uncommon for organisations to digitally transform processes and data without a strategic or proactive approach to data privacy and cyber security. With more people working from home, the transition from office-based network access to remote/home access has created unique capacity, operational and cyber security challenges.

The top 5 SSPA compliance gaps

What are the top five areas many suppliers must address before working with Microsoft? BDO’s Risk Advisory team outline key compliance gaps and how businesses can resolve them.

Assessing cyber risk in construction

Cyber security remains a key concern across industries and to insulate themselves from increased threat, construction companies should be looking at building a cyber resilience strategy. While it’s getting harder to maintain total control over the likelihood of a cyber event due to the changing technology landscape, a cyber resilience strategy will help manage the impact of an incident. 

Seven questions directors need to ask about cyber

In this digital age, cyber-security is an important area of risk for boards. But directors need to ask management the right questions in order to track exposure to risk in this area. Here Leon Fouche, BDO National Leader, Cyber Security outlines what directors need to know.

The cyber security threat landscape is changing. Is your organisation ready?

Almost nothing remains certain in the world of cyber security, with the exception of one thing – the threats you faced yesterday will not be the threats you face tomorrow.

Security operations

Cyber attacks and their impacts are on the rise

BDO in Australia and BDO in New Zealand recently released the results of their annual cyber security survey, in partnership with AusCERT. The survey data highlights some alarming trends in the frequency and severity of cyber attacks, as well as some interesting shifts in the business strategies employed by cyber criminals.

How to protect against cyber attacks in the energy sector

In 2018, the United States Department of Homeland Security (DHS) and the Federal Bureau of Investigation took unprecedented action and publically accused Russia of conducting cyber attacks on US critical infrastructure.

Security Awareness

Moving to a cyber resilient mindset

Cyber-attacks continued to dominate in 2021, starting with the widespread SolarWinds attack and ending with the Log4j vulnerability that took everyone by surprise. These attacks, and others, further highlighted vulnerabilities in the supply chain and the wide-ranging nature of Information Technology (IT) ecosystems.

An overview of the Critical Infrastructure Bill

On November 22nd 2021, the Security Legislation Amendment (Critical Infrastructure) Bill 2021 was passed. The program intends to increase resilience across critical infrastructure assets, address vulnerabilities across physical, cyber, supply chain, and personnel domains, provide a wholesale uplift in critical infrastructure security, and reassure the Government that critical infrastructure assets are appropriately safeguarded against all risks.

Cyber security and cyber insurance: How a two-pronged approach can build bulletproof cyber resilience

For many organisations, cyber liability insurance provides critical protection from financial loss stemming from a cyber incident, from legal damages and business interruption, and crisis management and investigation expenses.

ISO 27001:2013 and the new fraud standard - building organisational cyber security and operational resilience

The updated Australian Standard (AS8001) for fraud and corruption was recently released, applying to all organisations operating in Australia. Its purpose is to guide how Boards and Executives can prepare their organisations to manage fraud risk.

Mapping the Fraud Blueprint of Tomorrow - Tech

In this webinar, we take a look at the impact of tech and the subsequent cyber security practices of importance.

5 'must do' tips for small businesses to increase cyber security

As much of the nation sits in lockdown or under restrictions, the same conditions that are so challenging for our businesses are unfortunately also the ones where cyber criminals thrive.

Fintech Fridays - Payments & Lending

What does it take to build a successful fintech company, and how do you navigate the complexities of the financial services sector?

APRA Regulation CPS 234 – What is it and how does it apply to your organisation?

The Australian Prudential Regulation Authority (APRA) has recognised the threat as we enter the new digital age and defined and implemented a new Prudential Standard CPS 234 (CPS 234).

Cyber Security: Working-from-home guide

The concept of WFH is not new. Making this situation more complex is the opportunistic cyber threats that have already started to take advantage of the situation.

Cyber Security in 2020: Myths versus reality

In our digitally-driven society, cyber security is an essential element in ensuring both data integrity and privacy. Nearly every organisation is going through some form of digital transformation to enhance data access, increase the speed to market, and reduce operational expenses.

Cyber Security in 2020: Top ten predictions and recommendations

According to the 2018/2019 BDO and AusCERT Cyber Security Survey, there has been a significant increase in cyber incidents from third party providers and employees, with phishing being the most common incident experienced by organisations in Australia and New Zealand.

2020 Cyber security guidelines for c-suite executives

Cyber attacks arguably pose the single biggest modern threat to businesses. The number of cyber attacks, their level of sophistication, and the financial and reputational impact they have all continue to increase at an alarming rate.

Seven mistakes to avoid when managing your information security awareness program

Organisations of all sizes across various industries are experiencing information and cyber security incidents and breaches where human error is the prevailing cause.

Cyber fraud and data breach protection: Challenges and best practices

Cyber fraud and data breaches are rampant and a growing concern globally. The number and level of sophistication of cyber attacks are increasing at an alarming rate.

Can your organisation afford a data breach?

Cyber risk remains an ever-present consequence of society’s adoption of technology. The cyber landscape is constantly changing, and the number and level of sophistication of attacks are increasing.

Minimising impacts: More work required to boost cyber resilience

Over the past few years, we have seen an increased focus on cyber security awareness and security investments.  The increase in awareness has translated to organisations contributing more resources towards security risk / attack prevention and limited investments going towards incident response. 

Cyber resilience and the role of boards

Rapid digital transformation has created significant change and disruption for Australian businesses, government agencies and individuals. At the same time, organisations are increasingly dependent on secure and reliable technology to serve and engage their markets.

Top ten trends and recommendations for 2019

Cyber-attacks are increasing in sophistication and magnitude of impact across all industries globally. According to a recent report issued by the U.S. Security Exchange Commission (SEC) the average cost of a cyber data breach is USD$7.5 million and is continually increasing in value year on year.

Subscribe to keep updated on cyber security

Receive BDO’s Cyber Security Updates.

Your cookie preferences may block this form or content from appearing. ‘Marketing’ preferences need to be enabled. You can manage your preferences or enable specific cookies in our cookie declaration. Alternatively, please contact us by direct email: [email protected]