28 May 2025

Cyber security gets stuffed!

Giles Rafferty
All, Corp Comms, Cybersecurity, media relations

GILES RAFFERTY, Corporate Communication and Media Advisor.

The recent ‘credential stuffing’ cyber attack on Australia’s super funds sector once again highlights the growing cyber threat to business. ‘Credential stuffing’ is when usernames and passwords sourced from hacks on lower value websites or the dark web are used to gain access to higher value targets such as super fund accounts. Last month’s cyber attack on several large super funds, is reported to have resulted in the theft of at least half a million dollars. And the threat from cyber criminals continues to grow.

New statistics from the Office of the Australian Information Commissioner (OAIC) reveal 2024 was a record year for the reporting of cyber security breaches, with 1,113 data breach notifications. The largest number in a single year since since mandatory data breach notification requirements started in 2018.

First half surge

2024 represented another first. The number of cyber security incidents in the first six months of 2024 (518), exceeded the number for the final six months of 2023 (483), the first time that notifications in the first half of a year have exceeded the second half of the preceding year.

The established trend of a greater number of breaches being recorded in the second half of each year since 2018 has persisted, with a further 595 breaches between July and December 2024. The total mandatory data breach notifications since 2018 now stands at over 6,500.

Malicious and criminal attacks

The most recent data available from the OAIC, the July to December 2024 period, shows malicious or criminal attacks up 14% from the first half of the year and the largest source of data breaches at 69%. Within that, cyber security breaches accounted for the majority of the malicious or criminal attacks.

The OAIC also notes that phishing scams were the leading cause of cyber security breaches. Phishing scams are where cyber criminals pretend to be acting for reputable companies and send email or text messages designed to trick their targets into handing over personal information.

“The threat of data breaches, especially through the efforts of malicious actors, is unlikely to diminish, and the risks to Australians are only likely to increase. Businesses and government agencies need to step up privacy and security measures to keep pace.”

Carly Kind, Australian Privacy Commissioner

Close to a third of incidents reported were the result of human errors, including email blunders such as copying in the wrong e-mail address, unintended publication of data or the failure to redact sensitive information.

As a percentage of total breaches, those caused by human error in the second half of 2024 made up 29% compared to 30 % in the first half. System faults made up 2% of the notifiable data breaches in the second half down from 3% in the first.

Health sector leads on breaches 

Once again, in the July to December 2024 period the health sector had the most reported data breaches (20%), with Australian Government agencies reporting the second most (17%). This reporting period also saw a significant increase in data breaches caused by social engineering and impersonation, which is the manipulation of people into carrying out specific actions or divulging information.

A question of ‘When’ not ‘If’

The number of cyber security incidents being reported under the Notifiable Data Breaches scheme inexorably rises. As it does, the question moves towards ‘When’ rather than ‘If’ a company, which relies on collecting sensitive data, will experience a data breach.

Should a breach occur it is small comfort that the OAIC does not take regulatory action in response to every incident reported. It is looking to act where enforcement would have the greatest impact and to where there is the largest risk of harm to the community. One recent example of regulatory action in response to a data breach report is the OAIC’s acceptance of an enforceable undertaking offered by Oxfam Australia.

Against this backdrop of ever increasing cyber risk, it is more important than ever that Companies have a cyber-incident response plan in place. That plan should be regularly tested, include the advice of external advisers and incorporate a well thought out communication strategy. FIRST Advisers’ experience of crisis communications means we are well positioned to help a Company’s internal resources prepare for and manage cyber breaches.

Source: www.oaic.gov.au

28 March 2025

Economic optimism deficit as trust declines

Giles Rafferty
All, Best Practice, Corp Comms, ESG

GILES RAFFERTY Media and Corporate Communications An unprecedented decline in the number of employees who trust their employer to do the right thing – dropping three points globally – as revealed by the 2025 Edelman Trust Barometer is mirrored in Australia where employee trust in their employer dropped 2 points. The Edelman Trust Barometer is […]

Read More
26 June 2024

What to do if you suffer a cyber security data breach

Giles Rafferty
All, Corp Comms, Cybersecurity, media relations

GILES RAFFERTY, Corporate Communication and Media Advisor It feels more like ‘when’ and not ‘if’ companies will face data breaches. In the last week, reports are emerging of a hacker trying to sell data from 30 million Ticketek customers following the announcement of a data breach by Ticketek on 31 May 2024.  With the growing […]

Read More
29 February 2024

Managing Cyber security risks

Giles Rafferty
All, Corp Comms, Cybersecurity, media relations

GILES RAFFERTY, Corporate Communication and Media Advisor Cybersecurity is back at the top of the news agenda. The Albanese Government is seeking to tackle ‘Doxing’, which is publicly revealing identifying material about someone without their consent; the AFP has helped to smash global ransomware gang Lockbit and the hacker claimed to behind the massive Medibank […]

Read More
28 February 2023

CEOs need to drive social change to build trust

Giles Rafferty
All, Corp Comms, ESG, media relations, Social Media

GILES RAFFERTY, Corporate Communications and Media The findings of 2023 Edelman Trust Barometer were revealed at Davos in January, with the Australian cut of the data made public at the start of February. The Edelman global survey highlights concern around “severe polarisation” among respondents, which the PR firm interprets as people believing their society is […]

Read More
30 August 2022

Accessing new media opportunities

Giles Rafferty
All, Corp Comms, media relations, Social Media

GILES RAFFERTY, Corporate Communications and Media Adviser It is well understood that the media industry has been experiencing significant technological disruption with the emergence of digital, online and social media platforms. The recent 2022 Digital News Report, by the Reuters Institute and the University of Oxford, indicates the various shocks of the last few years, […]

Read More
28 February 2022

Distrust threatens societal stability

Giles Rafferty
All, Corp Comms, ESG, media relations, Social Media

GILES RAFFERTY, Corporate Communications and Media Adviser One of the findings from the annual Edelman Trust Barometer survey is a cycle of distrust that is threatening societal stability both here in Australia and globally. The survey results were published on February 16th, a little over a week before Russia invaded the Ukraine. Australia trapped in […]

Read More
4 March 2021

Locking in the Trust premium

Giles Rafferty
All, Corp Comms, ESG, media relations, Purpose

GILES RAFFERTY, Corporate Communication and Media Advisor Trust in Australian Institutions has surged during the Coronavirus pandemic to reach all-time highs.  This resurgence of trust means, in Australia,  the institutions of Business, Government, Media and NGO’s are all now viewed as competent where just 12 months ago only Business was seen to be so. Two institutions, […]

Read More
30 October 2020

Video with vim and vigour

Giles Rafferty
All, Corp Comms, COVID-19, video

GILES RAFFERTY, Corporate Communications and Media Advisor The camera never lies! A broad statement that still holds true despite the incredible advances in software to manipulate digital imagery. The cameras built into smartphones and laptops are amazingly sophisticated but are no guarantee that a video presentation will look good or be engaging. If you don’t […]

Read More
28 July 2020

Corporate Purpose during the Coronavirus pandemic

Giles Rafferty
All, Corp Comms, COVID-19, Governance, Purpose

GILES RAFFERTY, Corporate Communications and Media Advisor, writing for the Winter 2020 Issue of Listed@ASX. What does the Coronavirus pandemic and the ‘new normal’, that is expected to emerge in its wake, mean for a Company’s purpose? As the pandemic surges across the globe many senior corporate leaders will, rightly, view the immediate purpose of […]

Read More
28 May 2020

Designs on Annual Reporting

Giles Rafferty
All, Annual Report, Best Practice, Corp Comms

GILES RAFFERTY, Corporate Communications. It is time to think about Annual Reports and then to think again. While an Annual Report must include content required by the Corporations Act and the ASX listing rules,that doesn’t mean we should limit our thinking to just meeting that objective. It is right and proper for the compulsory materials, […]

Read More
30 January 2020

Time to confront climate change

Giles Rafferty
Corp Comms, Disclosure, ESG, Purpose

GILES RAFFERTY, Corporate Communications and Media Advisor Every Government, company and shareholder must confront climate change according to Larry Fink, CEO and Chairman of BlackRock, the world’s largest asset manager. In his annual letter to CEO’s, Mr Fink says a rapidly growing awareness amongst investment market participants of the risks climate change poses to economic […]

Read More
30 January 2020

Communicating in a crisis

GEOFF MICHELS
All, Corp Comms

GEOFF MICHELS, Senior Adviser, Corporate Communications One month in to 2020 and news headlines have been dominated by the bushfire crisis while the business pages have been reporting on the Australian retailing crises which has seen big brands literally shutting up shops, including the shock withdrawal of Kaufland from the Australian market. The crises in […]

Read More
29 June 2019

Leading with Purpose

Giles Rafferty
All, Corp Comms, Governance, Purpose

GILES RAFFERTY, Corporate Communications and Media Advisor We are fast approaching the first reporting season under the 4thedition of the ASX Corporate Governance Principles and Recommendations. An aspect of the new Principles and Recommendations, which we wrote about in our March 28th ‘Purpose for the Board’ blog, is the elevation of responsibility for linking a company’s […]

Read More
1 May 2019

The importance of good design

Giles Rafferty
All, Annual Report, Corp Comms, IR

GOOD DESIGN is the difference between telling someone and showing them. It can be the difference between informing your audience or convincing them. A carefully composed image, an effectively executed graphic concept or a thoughtfully constructed layout can convert worthy content into memorable messages. We sat down with Campbell van Venrooy, a graphic designer with […]

Read More
28 March 2019

Purpose for the Board

Giles Rafferty
All, Best Practice, Corp Comms, Governance, Purpose

GILES RAFFERTY, Corporate Communications and Media Advisor A listed company’s Purpose is now, very much, a matter for Board consideration. The latest edition of the ASX’s Corporate Governance Principles and Recommendations makes it clear the Board is responsible for linking a company’s Purpose to its strategic goals. Principle 3 states a listed entity should instil a […]

Read More
31 January 2019

The importance of being purposeful

Giles Rafferty
All, Corp Comms, Governance, Purpose, Shareholder Engagement

A well understood and expressed corporate purpose drives long term value. This is why purpose, as a driver of profitability, was a central theme of the 2019 letter from Larry Fink, CEO of Blackrock, the world’s largest investment manager, to the Board’s and senior managers of companies Blackrock has holdings in. It has also been the […]

Read More
28 February 2018

Doing it on Purpose

Giles Rafferty
All, Corp Comms, IR, Purpose

Giles Rafferty, Corporate Communications Doing it on Purpose Having a Corporate Purpose must be one of the oldest, latest things. There is good degree of noise around the concept of ‘Corporate Purpose’ and it may feel like it has become a buzz word, but it is much more than that and always has been. A […]

Read More
25 January 2018

Video: No longer a nice to have

First Advisers
All, Corp Comms, video

Giles Rafferty, Corporate Communications Video is a critical part of the communication mix. Video engages an audience visually, aurally and emotionally. If a picture paints a thousand words, then a minute of video paints 1.5 million! There are some *mathematics that underpin this assertion but the point of such a statement is to focus attention […]

Read More
6 November 2017

Communicating in a Crisis

GEOFF MICHELS
All, Corp Comms, media relations

Geoff Michels, Senior Corporate Communications Adviser A crisis is an event or a series of events that adversely affects the health or well-being of employees, the environment, a community or the wider public, the integrity of a product or the reputation of an organisation.  A crisis can be operational (fire, an accident) or non-operational (workplace discrimination, […]

Read More
1 August 2017

The Evolving Board Role in Determining Corporate Culture

First Advisers
All, Best Practice, Corp Comms, Governance

Philippa Ellis, Governance & Investor Relations Not a day seems to go by without some headline homing in on yet another corporate scandal with its genesis often attributed to a lax or loose corporate culture. In Australia it has most recently focused on the wealth management and life insurances divisions of the major banks. ASIC […]

Read More
1 August 2017

The Annual Report and the importance of storytelling

First Advisers
All, Annual Report, Corp Comms, IR, Reporting

Philippa Ellis, Governance & Investor Relations “Stories are the most powerful communication tool we have bar none” according to Andy Goodman of The Goodman Centre. We all carry stories in our heads (pre-conceptions) that strongly influence the way we view the world. These stories cause our mind to be closed to alternative viewpoints even when […]

Read More
10 April 2017

Presentation Techniques for Senior Executives

First Advisers
All, Coaching, Corp Comms, media relations

Geoff Michels, Senior Adviser – Corporate Communications At FIRST Advisers we are frequently asked to coach senior business executives or managers on presentation techniques.  Generally it’s about coming across well at an AGM, or at a roadshow event or in presenting to audiences large and small.  There is also a significant demand for advice and […]

Read More
3 November 2016

Why Aligning your Corporate and IR Strategies Matters

Victoria Geddes
All, Corp Comms, IR

VICTORIA GEDDES, ECECUTIVE DIRECTOR Nov 3, 2016 The starting point in the development of a company’s IR strategy is to understand the Corporate Strategy. Closely allied to this is an audit, for wont of a better word, of how this strategy is talked about within the company and communicated to external stakeholders. It is surprisingly […]

Read More
5 August 2016

Results should craft a convincing story

David Whittaker
All, Corp Comms, IR, NIRI

DAVID WHITTAKER, SENIOR INVESTOR RELATIONS ADVISER A recent survey presented at the National Investor Relations Institute (NIRI) conference in San Diego in June highlighted how giving investors useful qualitative information when presenting your company’s financial results can make all the difference to how well the numbers are received. The institutional investors surveyed by Edelman emphasised […]

Read More
5 July 2016

Short Attacks: The new wolf pack

Victoria Geddes
Activism, All, Analytics, Corp Comms, IR, media relations

VICTORIA GEDDES, ECECUTIVE DIRECTOR Those who have been on the receiving end of a short attack describe the process as akin to being at war, or being pursued by a pack of wolves, with the company’s very destruction their opponent’s goal. A short or bear attack, to make the distinction clear, is not the same […]

Read More
27 May 2016

Follow FIRST Advisers at the World’s Premier Investor Relations Conference

First Advisers
All, Corp Comms, Governance, IR, NIRI

FIRST Advisers will be in San Diego next month at the premier global conference for investor relations professionals, staged by the US National Investor Relations Institute (NIRI). We will be posting live updates from our Twitter account and filing a post conference wrap up on this blog. The NIRI conference often provides a leading indicator for […]

Read More
12 November 2015

Why someone on the outside should draft that press release

First Advisers
All, Corp Comms, media relations

FIRST Advisers Corporate Communications Some see it as axiomatic that the people within a company are best placed to draft a press release or other piece of external communication. After all, who better to write the news than those on the inside: the people who were responsible for it, were there from the beginning and […]

Read More
17 December 2014

The Value of Proactive PR

First Advisers
All, Corp Comms, IR

Outside major announcements like profit results or product launches, many companies find it hard to keep the media interested in what they are doing, especially with the attention span of the traditional media narrowing as journalist numbers fall and publication sizes shrink. It’s true that most companies don’t have significant announcements to make week-to-week or […]

Read More

Archives