SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Australian businesses cybersecurity not up to par during COVID-19
Wed, 6th May 2020
FYI, this story is more than a year old

On the whole, Australian businesses understand that COVID-19 and subsequent remote working plans have resulted in increased cyber risks, however only half are providing additional training for staff in order to bolster employee knowledge and reduce threats.

This is according to new research from YouGov for CrowdStrike. According to the research, 500 Australian decision makers across small, medium and large business enterprises were surveyed and CrowdStrike found that from February to March alone there was a 100x increase in COVID-19 themed malicious files.

Furthermore, the survey results show that 62% of workers are using personal devices to conduct business transactions, and almost two thirds (62%) of senior business decision makers surveyed admit to using personal devices to work from home during the current situation.

Small businesses are less likely to use company-provided devices to work from home (46%) compared to large companies (78%), meaning they are at increased risk of not having the necessary security software installed on personal devices to prevent cyber attacks.

In fact, almost half (47%) of Australian business decision makers surveyed think their business is more likely to experience a serious cybercrime during the COVID-19 situation than it did previously.

Only about a third of SMBs (34%) believe that a cyber attack could happen during the COVID-19 situation.

Of those surveyed, 38% of business decision makers surveyed think their devices are very secure, but there is a clear split between those working remotely more often (46%) and those working remotely around the same as before the COVID-19 situation (28%).

The research has found 87% of respondents say they were working at home more often (59%) or about the same (28%) as before.

Despite security implications, over 9 in 10 (92%) think their devices are secure, whilst 38% surveyed believe their devices are very secure.

Furthermore, despite the concern only half surveyed have provided any additional cybersecurity training on the risks associated with working from home.

CrowdStrike chief technology officer Michael Sentonas says, “Threat actors have always taken advantage of newsworthy events to launch their attacks on organisations, and with COVID-19 they are preying on the public's fear and desperation for information.

“CrowdStrike intelligence shows a significant increase in COVID-19 themed threat activity, posing serious risks for companies of all sizes, especially when you consider the current remote work reality.

According to CrowdStrike, the fact that only half of senior business decision makers acknowledge this risk, combined with a lack of training for employees and an over-confidence in the security of devices, means Australian businesses could be hit by an attack at the worst possible time.

The company suggests that it is vital for businesses have cybersecurity measures in place to protect themselves and their staff from these threats - no matter what device they use or where they are working.

The CrowdStrike Work Security Index surveyed 4,048 senior decision makers in Australia, France, Germany, UK, India, Japan, Netherlands, Singapore and the U.S across major industry sectors.

The survey looked into the attitudes and behaviours towards cyber security during the COVID-19 situation, with many having to work from home.