Story image

Cyber crime hits Aussie businesses hard

05 May 2016

Cyber crime is hitting Australia hard, with 63% of Australian organisations experiencing a cyber security breach or incident in the past year, and 71% of organisations experiencing mobile security incidents.

This is according to a new report by CompTIA, the non-profit association for the technology channel and broader industry.

The report, International Trends in Cyber securityrevealed that self-reported security breaches were most prevalent in India (94%), Malaysia (89%), Thailand (88%), Brazil (87%) and Mexico (87%). Organisations in Japan (39%) and the United Arab Emirates (40%) reported the lowest percentages of self-reported security incidents.

The study also found that mobile security incidents are occurring at a higher rate, with 71% of Australian organisations reporting a mobile-related security incident such as lost device, data policy violation, or staff disabling security features. 

Mobile incidents were reported at the highest percentages in Thailand (95%) India (91%) and Mexico (89%); and in the lowest percentages in Japan (60%), the UAE (60%) and the UK (64%). 

Furthermore, 72% of Australian organisations expect security to become a higher priority over the next two years. According to CompTIA, the top drivers for a changing approach to security in Australia include: 

  • Change in IT operations (e.g. cloud, mobility) (41%) 
  • Reports of security breaches at other firms (33%) 
  • Internal security breach or incident (32%) 
  • Knowledge gained from training/certification (28%) 
  • Change in business operations or client base (27%) 

Moheb Moses, CompTIA director Channel Dynamics and ANZ community director, says, “Due to the evolving nature of IT, most organisations have had to change the way their company approaches security. In Australia, as in many other countries, the greatest change has been in IT operations, especially as firms move to cloud or implement new mobility strategies.” 

Amy Carrado, senior director research and market intelligence at CompTIA, says, “The importance of cyber security knowledge and readiness continues to grow regardless of geography, with 79% of companies internationally expecting cyber security to become a higher priority over the next two years.” 

The study also revealed that human error is becoming more of a cyber security factor for companies with 61% of Australian organisations reporting it as a major contributor to security risk (compared with 58% internationally). 

Top sources of human error include: 

  • Failure to get up to speed on new threats (37%) 
  • End user failure to follow policies and procedures (31%) 
  • General carelessness (28%) 
  • Intentional disabling of security features (28%) 
  • Lack of expertise with websites and applications (27%) 
  • IT staff failure to follow policies and procedures (25%)

Australian organisations are taking steps to assess and improve cyber security knowledge among their employees - practices include new employee orientation, ongoing training programmes, online courses and random security audits, CompTIA says.

However, the results so far have been mixed. Only 23% of organisations rate their cyber security education and training methods as extremely effective. Making employee training mandatory, more comprehensive training delivered more often and follow-up tests and assessments are some of the steps that would improve effectiveness, executives said.

CompTIA's report, International Trends in Cybersecurity, is based on an online survey of 1,509 business and technology executives (125 in Australia) conducted by CompTIA in January and February 2016. 

Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.