itb-au logo
Story image

Australian employees are weakening organisations' security posture - report

20 Apr 2020

Inappropriate IT use by Australian employees is the single biggest weak spot in an organisation’s cybersecurity posture, according to a new report from Kaspersky released today.

Almost half (49.4%) of all security incidents in 2019 occurred as a result of ‘inappropriate usage’ by employees, with a further 42.9% of incidents being caused by inappropriate data sharing across mobile devices by employees.

The survey, which quizzed approximately 5,000 global businesses, with about 250 of them being Australian, found that cybercriminals are increasingly exploiting IT systems as they get more complex, tailoring their attacks to take advantage of weaknesses in new technologies.

“Many businesses have now been forced to quickly adapt to a home workforce during COVID-19,” says Kaspersky A/NZ senior security researcher Noushin Shabab.

“With an increased dependency on mobile devices, remote working using cloud applications and data being used from more locations, the risk of cyberattacks in 2020 is set to skyrocket if businesses don’t quickly close gaps in their security and focus on the way they’re using cloud services.”

“It also helps to double-check mobile device protection to have anti-theft capabilities enabled, such as remote device location, lock and wipe of data, screen lock and password, and Face ID or Touch ID,” says Shabab.

The research also indicates that 36.5% of Australian businesses have been involved in an incident through a third-party cloud service that their employees used in the past year. 

Despite increasing security vulnerability on mobile devices, only 8.5% of Australian survey respondents ranked security issues with mobile devices as their most important security issue.

Meanwhile, almost half of all breaches in China in 2018-2019 stemmed from mobile devices.

The survey found that when it comes to budgets, about two-thirds of Australian businesses expected to increase IT budgets over the next three years with much of that to happen over the next year. 

However, about 28% of Australian enterprises and SMBs currently allocate less than 10% of their IT budget to security with around 40% allocating between 10% and 25% to security. 

“Our findings show that Australian businesses vastly underfund their security measures compared to global counterparts with 11.7% of businesses globally allocating more than half their IT budget on security,” reports Shabab.

This illustrates a growing discrepancy between budget allocation to cybersecurity and the huge cost of potential data breaches, which could be crippling to some businesses if they don’t take preventative measures.

26.4% of Australian small businesses reported that they lost between AUD$3,000 and $15,000 through attacks in 2018-2019.

The research found that in 2018-2019, 38.5% of respondents reported losses under $100,000, 20.9% reported losses between $100,000 and $249,000, and 19.8% reported losses up to $1 million, with 20.9% reporting incidents costing in excess of $1 million.

Story image
Oracle named ‘Leader’ in IDC cloud data analytics MarketScape
The company was recognised for the ability to accelerate customers’ movement to a cloud data analytic platform and bring data together into a trusted source.More
Story image
How 'data gravity' centres can spell trouble for enterprises
In the not-too-distant past, data was created in a much more centralised place, and users and systems had far less access to it. Now, with digital data from social, analytics, mobile, cloud, IoT and more being created with both simultaneity and omnipresence, so much information is being collected that it’s forming a ‘centre of gravity’.More
Story image
Video: 10 Minute IT Jams - Who is Denodo?
Techday caught up with Denodo chief marketing officer Ravi Shankar, who discusses the ins and outs of data virtualisation, how it differs from other big data solutions, and its presence in the A/NZ region.More
Link image
The 5G network emulation solution that accelerates device workflow
Here's how to streamline your workflow across test domains including protocol, radio frequency (RF)/radio resource management, and functional and performance testing.More
Story image
Hostopia Australia experiences significant growth with AWS
Hostopia Australia has experienced a 19% growth in Q3 for its AWS managed cloud customers, according to a statement from the company.More
Story image
Open source skills in hot demand despite economic uncertainty
"2020 has been a difficult year for all of us, but it's encouraging to see that open source continues to provide abundant opportunities," says Linux Foundation's Jim Zemlin.More