Story image

Cyber crime hits Aussie businesses hard

05 May 16

Cyber crime is hitting Australia hard, with 63% of Australian organisations experiencing a cyber security breach or incident in the past year, and 71% of organisations experiencing mobile security incidents.

This is according to a new report by CompTIA, the non-profit association for the technology channel and broader industry.

The report, International Trends in Cyber securityrevealed that self-reported security breaches were most prevalent in India (94%), Malaysia (89%), Thailand (88%), Brazil (87%) and Mexico (87%). Organisations in Japan (39%) and the United Arab Emirates (40%) reported the lowest percentages of self-reported security incidents.

The study also found that mobile security incidents are occurring at a higher rate, with 71% of Australian organisations reporting a mobile-related security incident such as lost device, data policy violation, or staff disabling security features. 

Mobile incidents were reported at the highest percentages in Thailand (95%) India (91%) and Mexico (89%); and in the lowest percentages in Japan (60%), the UAE (60%) and the UK (64%). 

Furthermore, 72% of Australian organisations expect security to become a higher priority over the next two years. According to CompTIA, the top drivers for a changing approach to security in Australia include: 

  • Change in IT operations (e.g. cloud, mobility) (41%) 
  • Reports of security breaches at other firms (33%) 
  • Internal security breach or incident (32%) 
  • Knowledge gained from training/certification (28%) 
  • Change in business operations or client base (27%) 

Moheb Moses, CompTIA director Channel Dynamics and ANZ community director, says, “Due to the evolving nature of IT, most organisations have had to change the way their company approaches security. In Australia, as in many other countries, the greatest change has been in IT operations, especially as firms move to cloud or implement new mobility strategies.” 

Amy Carrado, senior director research and market intelligence at CompTIA, says, “The importance of cyber security knowledge and readiness continues to grow regardless of geography, with 79% of companies internationally expecting cyber security to become a higher priority over the next two years.” 

The study also revealed that human error is becoming more of a cyber security factor for companies with 61% of Australian organisations reporting it as a major contributor to security risk (compared with 58% internationally). 

Top sources of human error include: 

  • Failure to get up to speed on new threats (37%) 
  • End user failure to follow policies and procedures (31%) 
  • General carelessness (28%) 
  • Intentional disabling of security features (28%) 
  • Lack of expertise with websites and applications (27%) 
  • IT staff failure to follow policies and procedures (25%)

Australian organisations are taking steps to assess and improve cyber security knowledge among their employees - practices include new employee orientation, ongoing training programmes, online courses and random security audits, CompTIA says.

However, the results so far have been mixed. Only 23% of organisations rate their cyber security education and training methods as extremely effective. Making employee training mandatory, more comprehensive training delivered more often and follow-up tests and assessments are some of the steps that would improve effectiveness, executives said.

CompTIA's report, International Trends in Cybersecurity, is based on an online survey of 1,509 business and technology executives (125 in Australia) conducted by CompTIA in January and February 2016. 

Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.