16 Jan 2021

Robust security systems should be a business priority, professor warns

12:51 pm on 16 January 2021

A cybersecurity professor is warning businesses to keep on top of their systems, or face bigger bills to fix the fallout after a cyber-attack.

Woman working with global networks and data protection

Photo: 123RF

Yesterday Reserve Bank governor Adrian Orr apologised for a hack in which sensitive data was compromised.

The attack exploited a vulnerability the bank knew about in December.

Dave Parry

Dave Parry Photo: supplied

An Auckland University professor of computer science, Dave Parry, told RNZ that investing in security software and fixing problems before attacks happen is the easiest way to save money, and to protect data from being compromised.

"Very similar to the whole Covid if you get a breach through the border - the cost of dealing with a fallout is always more than dealing with security in the first place.

"It's just that it doesn't look like you're getting anything for a secure system. We assume that it is going to be secure."

Pofessor Parry said organisations need to put security to the fore of decision-making, rather than cleaning it up after it fails.

He said people need to better understand and prioritise cybersecurity.

He said in 2019, the Reserve Bank had said it was worried about the security infrastructure.

Organisations needed to put such concerns to the fore of decision-making, and a whole-of-government approach would be a good idea, Professor Parry said.

Meanwhile, the government has expressed confidence in the Reserve Bank governor despite the significant data breach.

Orr has commissioned an independent review into the breach and senior minister Chris Hipkins said that's the right move.

Get the RNZ app

for ad-free news and current affairs