Cyber attack rated Sydney's least major threat

A new plan pinpointing the major short-term threats facing Sydney has placed cyber attack last on a list of 'acute shocks'.

Lord Mayor of Sydney Clover Moore today released the inaugural Resilient Sydney: a strategy for city resilience plan, which has been two years in the making.

It brings together the input of 33 local councils and 1000 residents from across Metropolitan Sydney, as well as 100 business and government organisations.

The plan was developed after Sydney was named one of the Rockefeller Foundation’s 100 Resilient Cities, alongside Oceania neighbours: Melbourne, Christchurch and Wellington.

Cyber attack and digital network failure were found to be some of Sydney’s eight “major acute shocks” - described as "sudden, short-term events that threaten a city".

But they placed eighth and fifth respectively, with traditional risk like extreme weather, financial institution failure and infrastructure failure topping the list.

Events like the 2016 Australian Bureau of Statistics Census debacle and the Bureau of Meteorology’s 2015 cyber intrusion were cited as recent cyber-related shocks.

This was despite the strategy's supplementary material - a 2016 Resilience Assessment and a 2016 City Context Report - placing the threat of cyber attack higher.

The City Context Report also notes that “causes of shocks and shocks themselves are interdependent” using the example critical infrastructure failures.

"... [T]here is a strong relationship between critical infrastructure failure, and breakdown of critical information infrastructure, and either may be caused by terror or cyber attacks,” it states.

One of the strategy’s 30 actions includes supporting small businesses to better manage cybersecurity.

“Cybersecurity is one of the biggest shocks facing metropolitan Sydney and Australian business are underprepared,” the strategy states.

“The economic impacts of cybercrime are significant and small businesses are particularly vulnerable.

“This action will promote small business engagement in cyber preparedness and act on the recommendations of the Commission through council networks, local business support programs and financial institutions and peak bodies with a significant client base of small to medium businesses.”