IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image

Cybersecurity tops concerns for Australian businesses

Tue, 19th Nov 2024

A new report indicates that cybersecurity threats rank as the top concern for Australian businesses, according to recent research by Vanta.

Vanta's State of Trust report, surveying 2,500 business and IT leaders globally, reveals that more than half (52%) of Australian business and IT leaders consider cybersecurity threats their primary concern, surpassing operational risk (41%), financial risk (40%), and brand reputation damage (30%). Additionally, 58% of Australian businesses report that security risks are at an all-time high.

The report suggests that small businesses in Australia are not adequately addressing these threats. Less than half (44%) reportedly have a dedicated security budget, and only two in three (66%) are confident in their capability to demonstrate the impact of their security programme on their business.

Furthermore, over half (62%) of Australian organisations acknowledge that their security and compliance measures require improvement, although this has decreased slightly from 67% in 2023.

Jonathon Coleman, APAC General Manager at Vanta, stated: "After two years of major cyber breaches hitting the Australian headlines, Australian businesses are waking up to the very real idea of cyber threats."

While awareness is increasing among larger businesses, Coleman notes, "as larger businesses invest more in their own cyber protection, the vulnerabilities left in the defences of small businesses become only more apparent to attackers, who tend to be opportunistic in nature."

He also mentioned advancements in AI technology that aid in compliance, saying, "But we're in the AI age now, where organisations can automate a large amount of compliance work, which helps make it less of a check-box exercise and more of a strong ongoing security measure that helps drive business."

The report highlights a shift in attitudes towards compliance within Australian businesses, with 66% recognising that a more efficient approach to security and compliance can lead to time and cost savings, and 63% understanding that good security practices can enhance customer trust.

Paul Hawkins, Chief Information Security Officer at CipherStash, warned of the grave impacts of neglecting cybersecurity: "Not taking cybersecurity seriously enough can be a business-ending decision for a startup that's early on its journey." He explained the importance of building and protecting trust with customers to drive future business growth.

Hawkins suggests three practical steps for startups addressing cybersecurity: "First is to identify what you have. Understand what service providers you're using, where you're storing your data and customer data, and get visibility into your IT assets."

He continued, "Secondly, get your identity foundations in place. Centralise your systems around an identity provider, and reduce the number of long-lived login credentials to make it easier to revoke access whenever you need."

"And finally," Hawkins added, "use managed services for security like AWS Guard Duty or Vanta to get visibility and security capabilities without having to build and operate those systems yourself."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X