sb-au logo
Story image

Organisations spending more as cyberattacks increase

A new study has found cyberattacks are on the rise for Australian organisations, with findings showing an 18% increase in the number of security breaches in 2018. 

Accenture's 2019 Cost of Cybercrime Study, published by Accenture and Ponemon Institute, was based on interviews with more than 2,600 security and IT professionals at 355 organisations worldwide. 

The study has revealed Australian companies experienced an average of 65 security breaches last year, compared to the 2017 average of 53 security breaches. 

According to the report, the cost of cybercrime is increasing, with Australian companies spending US$6.9 million on cybersecurity related expenditure. This is a 26% jump from 2018, higher than Germany at 18% and lower than the UK at 31%.

The research also shows individual incidents are becoming more expensive to companies, with the cost of ransomware attacks increasing by 40% in Australia from 2017-2018, from US$56,500 to US$89,433.

Australian businesses were found to have the largest increase in cybercrime driven by people-based attacks, with a 33% growth in cyberattacks from these methods. Phishing incidents rose by 13%, attacks generated from stolen devices by 11% and ransomware by 9%. However, despite the increased threat and instances of these attacks, budgets for these people-based attacks have not been elevated accordingly, only seeing an incremental increase from 11% to 14% in 2018.

The study calculated cybercrime costs as what an organisation spends to discover, investigate, contain and recover from cyberattacks over a four-consecutive-week period, as well as expenditures that result in after-the-fact activities, i.e., incident-response activities designed to prevent similar attacks and efforts to reduce business disruption and the loss of customers.

"Despite our remote location, Australia has not escaped the impact of some major global ransomware attacks in the last 12 months, with many businesses falling victim to NotPetya and WannaCry, which had a considerable impact on cybersecurity expenditure," explains Joseph Failla, Accenture's security lead in Australia and New Zealand.

"As public and private Australia, across all industries, becomes increasingly digitised, the threat landscape is increasing and leaving us more vulnerable," he says. 

Failla says Australian businesses must understand where they can gain value in their cybersecurity efforts to improve their cyber resilience, minimising risk and even preventing future attacks.

"The continued lack of investment in artificial intelligence, machine learning and automated technologies is concerning, especially as they represent the most value," he says. 

Despite an increase in cybercrime, the research reveals that most types of cyberattacks are taking less time to resolve, demonstrating that capabilities are improving. 

According to the research, malicious code attacks are now taking 20% less time to resolve. The deployment of automation, machine learning and artificial intelligence technologies remains low (35% and 34% in Australia respectively), however these deliver the largest cost savings - up to US$2,670,000 when fully deployed.

Other notable findings of the study include:

  • Australian companies are spending the most on discovery (35%) and the least on recovery activities (20%)
  • Information loss remains the most expensive consequence of a cybercrime in Australia (43%) followed by business disruption (32%).
  • Globally, banks and utilities companies continue to have the largest cost of cybercrime by industry, globally (US$18.37 million and US$17.84 million respectively)
  • Globally, the average cost of cybercrime for an organisation increases from US$1.4 million to US$13 million over five years.
  • The economic value at risk due to cyberattacks over the next five years is US$5.2 trillion globally.
Link image
HSM: The next evolution in trust for today’s wireless world
HSM is wired technology for the wireless world – but not all are created equal. Learn more about HSMs, their pros & cons, and the case for virtual HSM models in business.More
Story image
One Identity & Ping Identity join forces on identity management
The partnership brings together Ping Identity's access management technology with One Identity’s identity governance and administration (IGA) technology.More
Story image
CompTIA's new threat intelligence resource officially launches
The new resource is designed to help technology solution providers, managed services providers (MSPs) and other organisations searching for critical cybersecurity threat intelligence. More
Story image
Cyber criminals turn to Gmail and AOL to advance attacks
“Securing oneself against this threat requires organisations to take protection matters into their own hands - this requires them to invest in sophisticated email security that leverages artificial intelligence to identify unusual senders and requests."More
Story image
10 billion records sit in unsecured databases - China leads the pack
A white hat hacker hacker uncovered a total of 9517 unsecured databases worldwide, collectively containing more than 10 billion entries.More
Story image
Video: 10 Minute IT Jam - Who is Axis Communications?
Today, Techday speaks with Axis Communications ANZ country manager Wai King Wong about Axis' core products and offerings, their presence in the A/NZ market, their various product integrations, and more.More