Story image

ServiceNow report: Australian CISOs lead security automation but don't feel any safer

24 Apr 17

Australian CISOs are leading the world when it comes to automating security practices - and they’re better equipped to protect data and respond to breaches.

A new survey from ServiceNow gained responses from 300 CISOs from around the world, which found that 80% of global executives are concerned that detected data breaches go unaddressed.

Amongst Australian executives, that number dropped to 72%. In addition, 46% of Australian CISOs said that they had automated more than 40% of security tasks, much higher than the global average of 33%.

“Australian organisations have recognised the serious negative impact that data breaches can have upon not only their customers but also operational continuity, reputation and financial performance,” comments David Oakley, ServiceNow’s ANZ managing director.

“They are leading the rest of the world in this space by investing in sophisticated automated security processes to reap the benefits of being able to detect and respond to threats quicker and with more refined processes in place,” he continues.

16% Australian CISOs experienced significant security breaches that cause reputational or financial damage in the past three years. 

In addition, 22% of Australian respondents believe their company is ‘highly effective’ at preventing security breaches overall, compared to 19% of global CISOs.

However, 60% of Australian execs believe that customer data breaches are the greatest danger to reputation and financial performance - and yet only 40% believe their organisations can protect against those types of attacks.

Manual processes may be harming organisations more than helping them, as 26% of Australian respondents believe that manual processes and a lack of resources are affecting their ability to protect, defend and respond to breaches.

When it comes to employee training, the survey found that there may not be enough going on behind the scenes. 2% of Australian respondents believe that employees have the right skills necessary to prioritise security threats, compared to 5% of worldwide respondents.

Amongst the 11% who rated themselves as highly effective at protecting against security threats, ServiceNow says there are key capabilities that help respondents set themselves apart:

  • Building strong relationships with enterprise functions and departments
  • Automating a higher percentage of security activities and advanced tasks like trend reporting
  • Prioriting responses to security alerts based on business criticality
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.
Different approach to malware detection needed – VMware
Security needs to move away from the traditional approach of chasing after arbitrary forms of malware.
Modernising ERP systems can help organisations comply with GDPR
“Organisations need to look for modern ERP systems that are specifically designed with GDPR in mind."
APRA Prudential Standard CPS 234: How to communicate with the board
The Australian Prudential Regulation Authority’s standard, CPS 234, is aimed at minimising the threat of cyber attacks for APRA-regulated entities.
Cyber attacks develop complexity, target Windows sysad tools - report
The report explores changes in the threat landscape over the past year, uncovering trends and how they are expected to impact cybersecurity in 2019.