sb-au logo
Story image

Microsoft report: Cyber attacks cost Australia $29b

26 Jun 2018

The direct economic loss from cyber attacks on Australian businesses could reach as much as AU$29 billion per year – the equivalent of 1.9% of the country’s entire GDP.

What’s more, 20% of Australian companies aren’t sure if they have experienced a cybersecurity incident in the last five months because they haven’t checked properly.

For each Australian organisation with more than 500 employees, it could face a direct loss of AU$35.9 million.

These are some of the statistics from a new report by Frost & Sullivan and commissioned by Microsoft, which says direct losses from cyber attacks can result in revenue loss, decreased profitability, fines, lawsuits, and remediation.

The report, titled Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World, polled 1300 people from 13 countries including Australia, China, Hong Kong, Indonesia, India, Japan, Korea, Malaysia, New Zealand, Philippines, Singapore, Taiwan and Thailand.

More than half (55%) of Australian respondents have experienced a cybersecurity incidents in the last five months. The 20% that don’t know if they have been affected haven’t conducted proper forensics or a data breach assessment, the report claims.

Microsoft’s director of Corporate, Legal and External Affairs, Tom Daemen, says a large number of organisations have been affected, but it’s not surprising given the number of attacks that occur every year.

"However, the finding that one in five Australian businesses are not performing regular forensics and data breach assessments is surprising given the frequency of attacks and suggests a need for greater awareness and a cultural shift in how we manage and think about data.”

Beyond the statistics that show the devastating costs of a breach, the report says that fear and doubt surrounding cybersecurity issues is undermining Australians’ willingness to cash on in the digital economy. 66% say their enterprise has postponed digital transformation efforts due to cyber risks.

“Although the direct losses from cybersecurity breaches are most visible, they are just the tip of the iceberg,” comments Frost & Sullivan VP and Asia Pacific head of Enterprise, Edison Yu.

“There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organisations suffering from cybersecurity attacks can be often underestimated.”

Yu notes that digital transformation is expected to add $45 billion to Australia’s economy in 2021 so it’s concerning that so many organisations are postponing their efforts.

“Data management needs to be prioritised in the boardroom as a strategic focus. Not only will this ensure organisations comply with Australian Notifiable Data Breaches Act and European GDPR legislation, but it will empower employees to see data as the strategic asset it is – and push forward with digital transformation initiatives.”

 AI in cybersecurity is also proving to be popular, according to the report. 84% of Australian organisations have adopted or will adopt an AI approach to cybersecurity.

Respondents are also concerned about online brand impersonation, remote code execution and data corruption are of top concern as they have a high business impact and slow recovery time.

“The ever-changing threat environment is challenging, but there are ways to be more effective using the right technology and instilling the right culture,” Daemen concludes.

Download image
Ultimate security: The best authentication just got better
Cloud applications can hold sensitive data, and top-notch authentication is key. But having separate tools for separate applications can be cumbersome - here's how to overcome that.More
Story image
CrowdStrike recognised as leading endpoint security vendor on global scale
IDC's report shows that CrowdStrike demonstrated a 2018-2019 growth rate of 99% and close to doubled its market share, while the market shares of the top three vendors in the corporate endpoint segment declined.More
Story image
IBM report: Security response improving - containing attacks, not so much
“While more organisations are taking incident response planning seriously, preparing for cyber-attacks isn’t a one and done activity."More
Story image
Rackspace and Cloudflare join forces for managed edge security
Rackspace and Cloudflare join forces for managed edge security The solution includes a web application firewall, DDoS protection, DNS services and a global content delivery network, backed by 24/7 support.More
Link image
Network visibility powers full-throttle operation without risk
It's pedal to the metal without running risks. Not buying it? Ask the Fortune 500.More
Story image
Why DX is not complete without a transformed security architecture
Secure Access Services Edge (SASE) is the process by which core WAN edge capabilities like SD-WAN, routing, and WAN optimisation at branch locations are integrated with cloud-based security services like secure web gateways, firewall-as-a-service, cloud access security brokers, and more.More