A Palo Alto Networks report says that Australian businesses are somewhat resilient in their cybersecurity habits, even though many think that cybercriminals and threats are becoming more difficult to fight.
The State of Cubersecurity in Asia-Pacific report says that Australians also have a misplaced sense of confidence.
36% of respondents lost at least $130,000 in data breaches in 2015-2016, and 40% have lost money in the last year alone.
"These survey results highlight that every organisation is a potential target for cybercriminals. If businesses don’t put the right measures in place, they may be exposed to financial losses and reputational damage after just one successful breach. Failure to take a strong preventative mindset, which includes implementing advanced, next-generation security measures and policies, puts these organisations at risk,” comments Sean Duca, vice president and regional chief security officer for Asia-Pacific, Palo Alto Networks
Although resiliency sees organisations through security events, 34% of respondents have a low average adoption rate for advanced security measures.
Organisations are not paying attention to the threat landscape and how serious some threats are. 70% of Australian respondents said that cybercrime has become more sophisticated in the last five years; while 86% of Chinese respondents thought the same.
More than half of Australian firms are devoting between 5-15% of their budget to cybersecurity, and 55% said it’s easy to convince management that security is a worthwhile investment.
Repondents also felt that breach reporting to regulators should be mandatory; such as in the case of the upcoming Data Breach Notifications Bill.
Organisations would also feel more confident sharing threat information if a framework outlined the types of information that could be shared. Palo Alto Networks says that this method is the only way Australian organisations can take a preventative approach, instead of constantly having to find the latest cure.
Government respondents in Australia may be on the back foot, as the report found that not a single one said that they review their policy and/or operating policy more than once per year.
Palo Alto Networks says that sound cybersecurity practices must be modelled from the top down in any organisation.
IT and security teams should make the security experience ‘visceral’ to leaders by defining clear business metrics and conducting cybersecurity readiness tests. This allows leaders to understand and engage in the issues, Palo Alto suggests.