Story image

ServiceNow report: Australian CISOs lead security automation but don't feel any safer

24 Apr 17

Australian CISOs are leading the world when it comes to automating security practices - and they’re better equipped to protect data and respond to breaches.

A new survey from ServiceNow gained responses from 300 CISOs from around the world, which found that 80% of global executives are concerned that detected data breaches go unaddressed.

Amongst Australian executives, that number dropped to 72%. In addition, 46% of Australian CISOs said that they had automated more than 40% of security tasks, much higher than the global average of 33%.

“Australian organisations have recognised the serious negative impact that data breaches can have upon not only their customers but also operational continuity, reputation and financial performance,” comments David Oakley, ServiceNow’s ANZ managing director.

“They are leading the rest of the world in this space by investing in sophisticated automated security processes to reap the benefits of being able to detect and respond to threats quicker and with more refined processes in place,” he continues.

16% Australian CISOs experienced significant security breaches that cause reputational or financial damage in the past three years. 

In addition, 22% of Australian respondents believe their company is ‘highly effective’ at preventing security breaches overall, compared to 19% of global CISOs.

However, 60% of Australian execs believe that customer data breaches are the greatest danger to reputation and financial performance - and yet only 40% believe their organisations can protect against those types of attacks.

Manual processes may be harming organisations more than helping them, as 26% of Australian respondents believe that manual processes and a lack of resources are affecting their ability to protect, defend and respond to breaches.

When it comes to employee training, the survey found that there may not be enough going on behind the scenes. 2% of Australian respondents believe that employees have the right skills necessary to prioritise security threats, compared to 5% of worldwide respondents.

Amongst the 11% who rated themselves as highly effective at protecting against security threats, ServiceNow says there are key capabilities that help respondents set themselves apart:

  • Building strong relationships with enterprise functions and departments
  • Automating a higher percentage of security activities and advanced tasks like trend reporting
  • Prioriting responses to security alerts based on business criticality
Cofense launches MSSP program to provide phishing defence for SMBs
SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats
Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.