Local companies are urged to be more of cyber security and risks involved.

These were the words of Insurance Australia Group Internal Senior Manager Eoin Hayes at the 2017 Institute of Internal Auditors Fiji Annual Conference.

He was one of the lineup of top speakers at the conference at the Fiji Marriott Ressort Momi Bay.

Mr Hayes said due to the advanced technologies, the risks are more advanced as well and have increased.

“At IAG where I work, internal audit works with cyber security quite a lot just to ensure that we have the right control in place,” he said.

Mr Hayes added there are a lot of frameworks at the Insurance Australia Group, including National Institute of Standards and Technology (NIST), cyber security framework which has five key things: identity, protection, detection, response and recovery of data.

“The key control area is to protect your organisation. It is inevitable that you are going to get hacked at one point in time. You cannot eliminate everything at once,” said Mr Hayes.

There should always be plans and procedures to recover and reduce impacts.

“It looks at all the broad area and not just protection. There are three things involved – people, process and technology.

“In the past a lot of industries spent time on technologies and process but not on people.”

He added that humans are the weakest link  but there are companies like IAG that are spending a lot of money in awareness training programme to upgrade technology skills.

People might be using technologies but the important thing is to understand the risks and crimes involve, through training programmes and awareness, concluded Mr Hayes.

EDITED BY: SELITA BOLANAVANUA

Feedback:  waisean@fijisun.com.fj