itb-au logo
Story image

Why cybersecurity remains a top business priority

16 Apr 2019

One in two Australian businesses estimated that they received fines for being in breach of new legislation in the past two years and nearly two-thirds of Australian businesses fell victim to a security breach last year according to new Telstra research.

The 2019 Telstra Security Report found that awareness and understanding of the strategic importance of security have increased with 84 per cent of Australian companies saying they will increase security budgets, currently averaging over $900,000 per annum, in the next 12 to 24 months to combat security threats.

The research found Australian businesses are better prepared than ever for cyber-attacks with incident response plans in place at 77 per cent of local businesses. Of the respondents with a plan, more are reviewing and testing them on a monthly basis compared to last year as businesses shift to an ‘expectation of breach’ mentality.

The introduction of new regulations, such as the Notifiable Data Breach Scheme in Australia and the European Union’s Global Data Protection Regulation, as well as several high-profile privacy breaches, has driven C-level and senior management interest in security with one-third of Australian respondents saying the frequency of meetings with senior stakeholders has increased.

Telstra Enterprise group executive Michael Ebeid says, “Against a backdrop of more frequent and sophisticated attacks and the introduction of new regulations that force the public disclosure of breaches, companies are now more aware of the threat of reputational damage and the erosion of customer trust caused by cyber breaches.

“Our research found that customer concern around data privacy has increased within the past year according to 38 per cent of respondents, which compares to 46 per cent globally.”

Human error major risk factor

According to the report, a major source of risk to IT security is human error, which is often caused by inadequate business processes and by employees not understanding their organisation’s security policies. Human error or a targeted attack on an employee were cited as the highest risks to IT security by 36 per cent of respondents.

Detecting data breaches

The ability to timely detect and effectively respond to incidents is still the number one challenge for Australian companies when managing electronic security.

Alarmingly, 19 per cent of Australian respondents surveyed estimated that more than half of the data breaches impacting their company went undetected altogether in the past year. This is despite 74 per cent of Australian businesses believing they have strong systems in place to verify when an incident has occurred.

While Australian businesses are faster at detecting breaches than international counterparts - 62 per cent of the local respondents that experienced a breach indicated they were able to detect a breach in minutes or hours compared to 50 per cent globally - businesses are still taking too long to detect and contain an incident or breach.

Ransomware

While ransomware is still pervasive and profitable for cybercriminals, it is encouraging to note that most potential victims have adopted policies and safeguards against such attacks. These incidents, however, are just as prevalent this year as last year.

Among Australian respondents that reported being interrupted due to a security incident in the past 12 months, 32 per cent indicated interruptions on a weekly or monthly basis, due to ransomware attacks.

The research shows that, increasingly, paying the ransom does not guarantee a retrieval of data. More than half of Australian businesses that experienced ransomware in the past year reported paying the ransom, compared to 47 per cent the previous year. Of those that paid, 77 per cent were able to retrieve the data, compared with 86 per cent the year before.

If attacked again, 79 per cent who paid the ransom would consider paying the ransom again if there was no back-up for the impacted data.

The future

The 2019 Telstra Security Report’s outlook for the future is that security will continue to be a top strategic focus for Australian businesses and increased investment on security will reflect this prioritisation. New compliance measures will also drive increased investment particularly focused on the automation of processes and to demonstrate all necessary precautions are taken to prepare for events.

There is also the much broader security landscape to consider when managing cyber and electronic security. The more devices that become connected, the broader the security footprint becomes. This also brings the opportunity for new technologies to improve end-to-end visibility and better management of security risks.

Story image
ECI Software Solutions acquired by Leonard Green & Partners
"We are excited to welcome LGP as our new partner, and I am confident that this is the right choice for our future – and the future of our 1,700 employees and more than 22,000 customers.”More
Story image
Is the 'fast follower' mentality holding back anti-money laundering in Australia?
The decade-old rules-based systems cannot keep up with sophisticated cyberattacks and money laundering threats on their own, writes FICO financial crimes leader for APAC Timothy Choon.More
Story image
Why legacy technology is swallowing too much of your IT budget 
Given the restrictions caused by legacy IT infrastructure, why are more organisations not pushing ahead with plans to rid themselves of the burden?More
Link image
On 10 December, find out how data centers will fare in the face of climate change
From pandemic disruption to the urgency to address climate change, data center development in Asia Pacific needs to remain resilient and sustainable. On 10 December, join this webinar to learn about viable solutions data center operators can use to overcome environmental challenges. Register now.More
Story image
AR and VR presents huge potential for construction industry, but businesses slow to adopt
According to GlobalData, the construction industry is slowly shifting from years of the wait-and-watch stance to adopting digital technologies to improve the overall project lifecycle from conceptual design to construction.More
Link image
You’re invited: The secrets to workplace happiness in the post-pandemic world
It has been a rough year for workplace wellbeing, with disruption and health concerns worrying every employee. Join Poly’s A/NZ Kickstart 2021 on 10 December from 11am AEDT, where special guest Dr Justin Coulson will share secrets to workplace happiness in the post-pandemic world. Register now.More