Cybersecurity reporting will need to be a seamless business process in 2020

13 Feb 2020

Article by HCL Technologies corporate vice president and global head of Cyber Security and Global Risk and Compliance Business, Maninder Singh.

While Australia now has in place mandatory data breach laws, it appears many organisations are consistently underreporting the number and nature of cyberattacks they are suffering.

The issue was highlighted in a recent survey of IT professionals in Australia and around the globe. The State of Cybersecurity 2019 survey, conducted by ISACA and sponsored by HCL Technologies, found 75% of respondents believe that reporting of instances of cybercrime is being intentionally suppressed. More concerningly, 50% of respondents believe that most cybercrime is underreported, even where organisations are legally required to report it.

The laws, which came into effect in February last year, require many organisations handling personal information to report data breaches if they are likely to result in serious harm. While reports are being made, it seems the number doesn’t accurately reflect what is really going on.

These results are a significant concern for both governments and the business sector. Any misrepresentation of the levels of cybercrime occurring could result in under-preparedness, disruption and losses.

Threat types remain consistent 

While reporting of incidents may be inaccurate, there is consistency when it comes to the types of threats being faced. The top identified threat actor in this year’s survey was cybercriminals, nominated by 32% of respondents. This compares with 33% who placed this threat first last year.

Second were hackers, nominated by 23% of respondents (23% last year), followed by non-malicious insiders, nominated by 15% (14% last year).

Among respondents in the Asia-Pacific region, more than a fifth (21%) indicate they have seen an increase in hacktivist attacks, compared with 13% globally. In this region, hackers and cybercriminals remain the biggest threats, nominated by 41% and 49% of respondents respectively.

When it comes to the types of threats being experienced, phishing attacks are most prevalent, being nominated by 44% of respondents. This was followed by malware (31%) and social engineering (27%). Of the AsiaPac respondents, almost a third (32%) say they have experienced APT attacks, which is higher than the global figure of 20%. SQL attacks are also higher in AsiaPac, reported by 17% of respondents, compared with 10% globally.

These results show a degree of consistency over time. This consistency should also provide some comfort for cybersecurity professionals, as they can be relatively certain that any attacks occurring in the near future are likely to be of these types. This means that security measures in place should be able to provide the required protection.

Asked whether they expect their organisation to be the target of a cyberattack this year, 60% of survey respondents say this is ‘likely’ or ‘very likely’. Just 5% believe it is ‘unlikely’ or ‘very unlikely’ to happen.

Ability to respond

With the number of cyberthreats continuing to increase, it is interesting to gain an insight into how prepared organisations believe they are to respond. Of those surveyed, only 7% say they are ‘extremely confident’. A further 27% consider they are ‘very confident’, with more than a third (37%) saying they are only ‘somewhat confident’.

These results are concerning as they illustrate a lack of confidence in the ability to deal with cyberattacks if or when they occur. Clearly more work needs to be done to improve response capabilities and ensure core systems remain protected at all times.

Strategic planning

Overall, the survey shows work remains to be done when it comes to cybersecurity preparedness. The rising number of attacks means extra vigilance is required, and staffing and budgetary levels must at least be maintained, if not increased.

There is also a need for improvement when it comes to reporting. If attack numbers are being intentionally underreported, it makes effective strategic planning very difficult. Staying quiet may seem like the best option now, but it could come back as a bigger problem in the future.
