sb-au logo
Story image

Attack volumes, breach levels and security investment all rise in Australia

14 Jul 2020

A massive majority of CIOs, CTOs and CISOs in Australia have reported an increase in cyber-attack volume and breaches in the last 12 months.

94% of 250 high-level executives around Australia surveyed in a report released today from VMware have noticed a surge in attack volume, which has, in turn, prompted increased investment in cyber-defence.

Additionally, 96% of respondents acknowledged that their business suffered a security breach of some kind within the last year, with the average organisation suffering two breaches during that time period.

88% of Australian executives believe cyber-attacks have become more sophisticated, while a huge 96% plan on increasing cybersecurity budgets in response to this.

In fact, many organisations have already begun sizeable investments into security infrastructures – according to the report, an average of more than seven different tools are used by Australian businesses to bolster cyber-defence.

“Siloed, hard-to-manage environments hand the advantage to attackers from the start,” says VMware Carbon Black cybersecurity strategist Rick McElroy.

“Evidence shows that attackers have the upper hand when security is not an intrinsic feature of the environment. 

“As the cyber threat landscape reaches saturation, it is time for rationalisation, strategic thinking and clarity over security deployment.”

The report also found that OS vulnerabilities and third-party applications were the leading causes of breaches, both with 18% respectively, followed by web application attacks.

The method of attack known as island-hopping was identified as a notable cause of breaches at 11%, despite only being cited by 4% of respondents as the most common attack type experienced. McElroy says this is because attack vectors in the supply chain prove an easy target for hackers.

“Island-hopping is having an increasing breach impact with 11% of our survey respondents citing it as a main cause of breaches,” he says.

“In combination with other third-party risks such as third-party apps and the supply chain, it’s clear the extended enterprise is under pressure.”    

The VMware report also drew a direct link between a worldwide increase in cyber-attack volume and the COVID-19 pandemic.

In a separate survey which quizzed global respondents from the US, UK, Singapore and Italy, 91% of cybersecurity professionals said attack volumes have increased as more employees work from home, while 92% said their organisations have experienced cyber-attacks linked to COVID-19 malware.

“These figures indicate that the surveyed CISOs may be facing difficulty in a number of areas when answering the demands placed on them by the COVID-19 situation,” says McElroy.

“The 2020 survey results suggest that security teams must be working in tandem with business leaders to shift the balance of power from attackers to defenders. 

“We must also collaborate with IT teams and work to remove the complexity that’s weighing down the current model,” he adds.

“By building security intrinsically into the fabric of the enterprise – across applications, clouds and devices – teams can significantly reduce the attack surface, gain greater visibility into threats, and understand where security vulnerabilities exist.”

Story image
COVID-19 crushes fingerprint reader market
However, the biometrics market is expected to regain momentum with alternatives already beginning to find their feet.More
Link image
The importance of data resilience in the current cybersecurity climate
Protecting an organisation's data is one of the most crucial functions of any CISO. Strategies should be in place where data is stored securely and cost-effectively.More
Story image
Interview: How cyber hygiene supports security culture - ThreatQuotient
We spoke with ThreatQuotient’s APJC regional director Anthony Stitt to dig deeper into cyber hygiene, security culture, threat intelligence, and the tools that support them.More
Story image
Gartner reveals the top strategic tech trends for 2021
“CIOs are striving to adapt to changing conditions to compose the future business - this requires the organisational plasticity to form and reform dynamically. Gartner’s top strategic technology trends for 2021 enable that plasticity.”More
Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
Video: 10 Minute IT Jams - Who is LogRhythm?
LogRhythm VP of sales for Asia Pacific Simon Howe, who discusses the company's primary offerings and services, what products the company is focused on for the future, and the infrastructure it has in the A/NZ market.More