Would the Federal Government’s cyber “health check” have helped Gumtree?

Gumtree had the unenviable task this week of emailing all of its users the news every one loves to hear – their details have been hacked. It appears that Gumtree users’ account information was compromised in a security attack whereby hackers accessed users’ email addresses, contact names and phone numbers. Apparently passwords and payment details were not compromised.

It seems that almost every week we read about a corporation being hacked or subject to a cyber attack of some form. So in some respects the Australian Government’s $230m cyber security strategy can only be welcome news, although some say it does not go far enough and it is merely catching up to the rest of the world.

The Government says the cyber security strategy will distribute investment into 5 key areas:

  • Establishing a national cyber security partnership;
  • Creating strong cyber defences to detect, deter and respond to threats;
  • Taking a global leadership role to champion a free internet and shut safe havens;
  • Growth and innovation; and
  • Building a cyber-smart nation by building skills and awareness.

One of the initiatives that appears to have received some fan fare is the voluntary “cyber security health check” that will be offered to the top 100 ASX listed companies and administered by the Australian Securities Exchange. Details of that health check were outlined by ASIC in its March report.

Whether completion of that health check would have been of assistance to Gumtree I cannot comment. However, what is abundantly clear is that those in governance positions in any organisation with an online presence (that is – every organisation) must place an audit of their cyber security high on the agenda and ensure that steps are continually taken to monitor cyber resilience.

Further, careful regard must be had to the adequacy of cyber insurance coverage. There is no doubt cyber attacks will only continue to rise and while the government is taking steps towards improving cyber security – ultimately the private sector has a vested interest in protecting itself via good cyber risk managements strategies and adequate insurance coverage.

Read more on Julie’s LinkedIn post.

Comments are closed.


  • Sydney

    Level 16, MLC Centre
    19 Martin Place
    Sydney, NSW 2000
    +61 2 9018 9999
    +61 2 9018 9900
  • Melbourne

    Level 12, 357 Collins Street
    Melbourne VIC 3000
    +61 3 9810 6777
    +61 3 9810 6770
  • Newcastle

    Level 6, 45 Watt Street
    Newcastle NSW 2300
    +61 2 4047 2600
    +61 2 4047 2699
  • Brisbane

    Level 8, 60 Edward Street
    Brisbane QLD 4000
    +61 7 3220 9333
    +61 7 3220 9399
  • Perth

    Level 3, 225 St Georges Terrace
    Perth WA 6000
    +61 8 6319 0470
    +61 8 6319 0499