The influence of information and digital technologies is immense in our day-to-day lives. We plan our social lives, do our shopping online and stream live sports and TV shows to relax after work. This digital disruption has proved a boon for our economy, where it’s predicted that 50% of small and medium enterprises will receive payments online, not to mention innovative new business models appearing such as the common ride-sharing app Uber.
Nevertheless, inherent risks abound for individuals, the private sector and for governments. Most of the immense amounts of data generated each day would like to be kept private and secure, such as internet banking details, census results and intellectual property. The value of these types of data has led to the persistent threat of cybercrime, estimated to cost global economies approximately 1% of GDP each year. Despite these losses, investment in the adoption of cybersecurity solutions is a low priority for many businesses, due to the lack of understanding and quantification of cyber security risks.
At Data61, we aim to develop a quantitative cybersecurity risk management framework in an analogous fashion to the well-established financial risk management framework. To achieve this aim, we will focus on research activities such as identifying and quantifying risks in cybersecurity, quantifying the effects of interventions, developing models to price cyber-insurance products, and determining the optimal resource allocations to minimise cybersecurity risk.