A team led by Professor Lyria Bennett Moses, comprising UNSW experts in business, computer science, defence, and law, produced two reports: Considerations for Managing Cyber Threats to the Consumer Data Standards and Risk Management for the Consumer Data Standards. The reports identified potential threats and risks at that time, including:
- The possibility of large-scale attacks from organised and persistent cyber criminals
- The potential for weaknesses in the data transfer technology (called an API)
- The prospect of human error, mismanagement, and intentional misuse of data
- Issues when less cyber mature companies join the ecosystem
- Challenges of maintaining skilled security staff in a rapidly changing situation
The reports acknowledged the complexity of the Consumer Data Right (CDR) ecosystem, particularly given changes in the cyber threat landscape, technological change, and prospective changes to the CDR. The researchers’ key recommendations included maintaining a highly skilled staff, conducting ongoing threat modelling, and developing predefined responses to known and unknown threats.
“We advised a specific process for threat modelling, but our main emphasis was…
