SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
ANZ organisations cite fewer cyber attacks but longer downtime
Wed, 13th Apr 2022
FYI, this story is more than a year old

More than half (65%) of security leaders say they have seen an increase in attempted cyber attacks. In addition, many have been directly impacted by data breaches and costly ransomware attacks, which have left security teams exhausted.

This is according to Splunk and Enterprise Strategy Group's State of Security 2022, an annual global research report that examines the security issues facing the modern enterprise.

More than 1,200 security leaders participated in the survey, revealing they've seen an increase in cyber attacks while their teams are facing widening talent gaps.

Nearly half (49%) of organisations say they have suffered a data breach over the past two years, an increase from 39% a year earlier. 79% of respondents say they've encountered ransomware attacks, and 35% admit that one or more of those attacks led them to lose access to data and systems.

In addition, 59% of security teams say they had to devote significant time and resources to remediation, an increase from 42% a year ago. Furthermore, 54% of respondents report that their business-critical applications have suffered from unplanned outages related to cybersecurity incidents on at least a monthly basis, with a median of 12 outages per year.

The median time to recover from unplanned downtime tied to cybersecurity incidents is 14 hours, and respondents estimated the cost of this downtime averaged about $200,000 per hour.

Finally, 64% of security professionals have stated that it's challenging to keep up with new security requirements, up from 49% a year ago.

Splunk distinguished security strategist Ryan Kovar says, “This survey has revealed that organisations are deeply concerned about supply chain attacks, especially after the SolarWinds hacks of 2020 and the Log4Shell incident in late 2021. 90% of organisations reported that they have increased their focus on third-party risk assessments as a result of those high-profile attacks.

"In my 20 years in IT security, I've never seen software supply chain threats given this level of visibility. Unfortunately, this will only increase the already intense pressure security teams face.

As cybercriminals become more persistent and workloads increase, many organisations have been impacted by 'the great resignation' and the additional security challenges of remote work.

These factors have exacerbated the already ongoing talent shortage within the cybersecurity industry: 76% of respondents say their team members have been forced to take on responsibilities they are not ready for, and 70% say that the resulting increase in their workload has led them to consider looking for a new role.

On top of this, 85% of respondents say it has gotten harder to recruit and retain talent over the past 12 months, 53% say they can't hire enough staff and 58% cite an inability to find talent with the right skills.

Overall, 68% of respondents report that talent shortages directly led to the failure of one or more projects/initiatives, and 73% of respondents say that workers have resigned, citing burnout.

Organisations from around the world face similar security challenges, but many struggle to secure proper investment into their cybersecurity programs and face cybersecurity skills shortages.

Australia and New Zealand are less bullish about the promise of AI and ML in security automation. Only 15% of respondents, versus 36% across other countries, strongly agree that security operations centre activities such as threat detection, investigation and response at their organisation will be automated, with little to no human administrator intervention, in the next three years.

Another key finding was that organisations in Australia and New Zealand experience longer downtime tied to security incidents than other countries - only 57% of respondents say that their typical MTTR is measured in hours or less versus 75% in other countries.

The ANZ region also reported fewer cyber attacks in the previous 24 months than other nations including: data breaches (35% versus 49% of organisations in other countries), business email compromise (33% versus 52%) and successful phishing attacks (33% versus 48%).

Only 72% of respondents in Australia and New Zealand report an uptick in difficulty versus 86% of their peers globally.

Less stress may be why only 22% report that they've considered leaving their job due to the stress associated with staff/skill shortages, compared to 38% of respondents in other countries, the researchers state.

Splunk vice president of security products Jane Wong says, “Our latest State of Security report has revealed the challenges security professionals face, but there are steps we can take to alleviate these issues.

"One positive sign is that over two-thirds (67%) of organisations are actively investing in technologies designed for advanced analytics and security operations automation. Automation is critical to help reduce the time it takes to respond to attacks, and these technologies should focus on assisting our human analysts, not replacing them. This can mean fewer tools, not more.

"For example, a platform approach can make it easier for security teams to take action on complex threats, while the basic stuff is remediated at machine speed. The result should be less sense of being overwhelmed — and less analyst burnout, but also reduced dwell time if the organisation has been breached.