Story image

89% of Australian businesses breached last year – Carbon Black

02 Apr 2019

Endpoint security company Carbon Black has released the results of its first Australian Threat Report.

According to the survey, attacks are increasing in volume and sophistication, causing regular security breaches affecting 89% of organisations surveyed.

The report analyses survey results from different industries, organisation sizes and IT team sizes to build a picture of the modern attack and cyber defence landscape in Australia.

Key survey research findings:

  • 89% of surveyed Australian organisations reported being breached in the past 12 months
  • The average number of breaches per surveyed organisation is 4.28.
  • 81% of surveyed organisations reported seeing an increase in attack volumes
  • 88% said attacks have become more sophisticated
  • 90% said they plan to increase spending on cyber defence.

Escalating cyberattacks

“Our first Australian threat report indicates that organisations in Australia are under intense pressure from escalating cyber-attacks,” says Carbon Black security strategy head Rick McElroy.

“The research indicates increases across the board in attack volume and sophistication, causing frequent breaches.

“In response, an encouraging number of Australian organisations are adopting threat hunting and seeing positive results. As threat hunting strategies start to mature, we hope to see fewer attacks making it to full breach status,” he adds.

Malware is the most prolific attack type in Australia according to the survey, with 29% of organisations naming it the most commonly encountered.

Google Drive and ransomware were in second and third place with 15% and 12% respectively.

However, the human factor plays a big part in the attacks that lead to breaches, the survey found.

Phishing attacks are at the root of 12% of successful breaches, the survey noted.

Process weakness was the identified cause in 13% of breaches, according to the survey, indicating that basic security hygiene should still be considered a priority by organisations.

Threat hunting as a possible solution

65% of surveyed Australian organisations said they are actively threat hunting, with over a quarter (26%) having threat hunted for more than one year, the survey found. 

Over one-third (38%) said they have started in the past year. 

92% of those organisations report that threat hunting has strengthened their defences.

Survey methodology

Carbon Black commissioned the survey undertaken by an independent research organisation, Opinion Matters in January 2019. 

250 Australian CIOs, CTOs and CISOs were surveyed from companies in a range of industries including financial, healthcare, government, retail, manufacturing, food and beverage, oil and gas, professional services, and media and entertainment.

This forms part of a global research project with other countries being surveyed including: Australia, Canada, France, Germany, Italy, Japan, Singapore and the UK.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.