Research
Hack of all trades
The Optus data breach demonstrates why everyone needs to be across cybersecurity
Key Features
For someone who loves getting his hands on vast amounts of data to study, Adrian Gepp (Class of 2001) sure is wary of giving out his own.
“I get annoyed when I'm signing up for some rewards program that is asking for my data,” he said.
“Why do you need my date of birth? You're going to do nothing with it other than potentially lose it or give it to someone else.”
Years spent studying financial fraud will do that to an Associate Professor of Data Analytics.
Dr Gepp's research spans the gamut of dubious dealings in multibillion-Gollar companies to the financial literacy of older Australians.
Through it all, a common thread has emerged: education is the only way to beat fraudsters and cybercriminals, and that applies equally to CEOs or your grandmother.
“That's because we're never going to defeat fraud if we're just trying to build models to detect it,” said Dr Gepp, whose own computer models have helped sniff out companies at risk of bankruptcy.
“There's too many (bad actors), they evolve. Detection is valuable but we also need to educate people so they're less vulnerable.”
Oops, something went wrong.
Info Tiles
Rich Text
The risks of sharing data were driven home to Australians in 2022 when the details of 9.8 million Optus customers were hacked and stolen.
Licence, passport and Medicare numbers were among the records taken in the breach before the telco, banks and governments raced to protect victims from online scams and identity theft.
At the business level, Optus's reputation was shredded.
The Australian Cyber Security Centre received more than 76,000 reports of cybercrime during the 2021-22 financial year, up 13 per cent on 2020-21.
Ripping off the careless and vulnerable is so lucrative that an entire ecosystem has sprung up to support the criminals.
Cybercrime services such as ransomware-as-a-service can be obtained via the dark web, opening the market to a growing number of ill-doers without significant expertise or financial investment. Their victims include government agencies, critical infrastructure providers, small to medium enterprises, families and individuals.
"Detection is valuable but we also need to educate people so they're less vulnerable."
- Associate professor of Data Analytics Adrian Gepp
Chart
Bond responds to a growing threat of cybercrime
The growing threat underpinned the development of a new subject added to the Bond Business School's offerings in September, 2022.
Cyber and Fraud Threats in Organisations is an elective subject available to every student regardless of their discipline.
It can be studied by anyone as a non-award single subject, for example, alumni seeking to further their careers through professional development.
"I think it's a subject every student should do," Dr Gepp said.
He said the chances of people working in an organisation and being faced with a cyber threat were increasing, and they needed a plan for those situations.
Dr Gepp said, whereas in the past cybersecurity might have been the domain of Chief Information Officers, CEOs and the Board of Directors were increasingly expected to be across the risks.
Explainer
Centre for Data Analytics
Bond University established its Centre for Data Analytics in 2020, building on a rich history in data analytics stretching back to one of the University’s four foundation deans, Richard Tweedie. The centre is a global research hub that engages with government, private enterprise and not-for-profit organisations to ensure that the practical application of big data is optimised by the latest research.
References
- Source: https://www.cyber.gov.au/about-us/reports-and-statistics/acsc-annual-cyber-threat-report-july-2021-june-2022
- A version of this article first appeared in Bond University's The Arch Issue 31