Story image

Microsoft report: Cyber attacks cost Australia $29b

26 Jun 2018

The direct economic loss from cyber attacks on Australian businesses could reach as much as AU$29 billion per year – the equivalent of 1.9% of the country’s entire GDP.

What’s more, 20% of Australian companies aren’t sure if they have experienced a cybersecurity incident in the last five months because they haven’t checked properly.

For each Australian organisation with more than 500 employees, it could face a direct loss of AU$35.9 million.

These are some of the statistics from a new report by Frost & Sullivan and commissioned by Microsoft, which says direct losses from cyber attacks can result in revenue loss, decreased profitability, fines, lawsuits, and remediation.

The report, titled Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World, polled 1300 people from 13 countries including Australia, China, Hong Kong, Indonesia, India, Japan, Korea, Malaysia, New Zealand, Philippines, Singapore, Taiwan and Thailand.

More than half (55%) of Australian respondents have experienced a cybersecurity incidents in the last five months. The 20% that don’t know if they have been affected haven’t conducted proper forensics or a data breach assessment, the report claims.

Microsoft’s director of Corporate, Legal and External Affairs, Tom Daemen, says a large number of organisations have been affected, but it’s not surprising given the number of attacks that occur every year.

"However, the finding that one in five Australian businesses are not performing regular forensics and data breach assessments is surprising given the frequency of attacks and suggests a need for greater awareness and a cultural shift in how we manage and think about data.”

Beyond the statistics that show the devastating costs of a breach, the report says that fear and doubt surrounding cybersecurity issues is undermining Australians’ willingness to cash on in the digital economy. 66% say their enterprise has postponed digital transformation efforts due to cyber risks.

“Although the direct losses from cybersecurity breaches are most visible, they are just the tip of the iceberg,” comments Frost & Sullivan VP and Asia Pacific head of Enterprise, Edison Yu.

“There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organisations suffering from cybersecurity attacks can be often underestimated.”

Yu notes that digital transformation is expected to add $45 billion to Australia’s economy in 2021 so it’s concerning that so many organisations are postponing their efforts.

“Data management needs to be prioritised in the boardroom as a strategic focus. Not only will this ensure organisations comply with Australian Notifiable Data Breaches Act and European GDPR legislation, but it will empower employees to see data as the strategic asset it is – and push forward with digital transformation initiatives.”

 AI in cybersecurity is also proving to be popular, according to the report. 84% of Australian organisations have adopted or will adopt an AI approach to cybersecurity.

Respondents are also concerned about online brand impersonation, remote code execution and data corruption are of top concern as they have a high business impact and slow recovery time.

“The ever-changing threat environment is challenging, but there are ways to be more effective using the right technology and instilling the right culture,” Daemen concludes.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.