One in five organisations suffer one cybersecurity breach a month, report finds

- August 22, 2018 2 MIN READ
cyber security

Australian and New Zealand organisations are losing $60 million, on average, each year due to cybersecurity breaches or attacks, with one in five organisations having at least one breach per month and one in six known attacks successful.

A new survey of more than 400 ICT professionals conducted by Telsyte on behalf of DXC Technology has found that, despite the increasing risks and the fact that cybersecurity is seen as the biggest challenge for ICT professionals, their organisations only spend, on average, six percent of their digital budgets on cybersecurity.

Almost three quarters of New Zealand and 89 per cent of Australian organisations surveyed admitted that some of their technologies have cybersecurity “gaps”, with cloud-based services most commonly identified as having gaps.

Asked how their organisation’s digital strategy had been impacted by its cybersecurity, 28 percent of respondents stated that the technologies or processes used by the digital and cybersecurity teams are not compatible, while 28 percent also indicated that their cybersecurity strategy is also limited in scope.

A quarter of respondents also indicated that their organisation’s cybersecurity staffers are not familiar with digital strategy implementation, while 25 percent also stated that their cybersecurity team is siloed from the digital strategy team.

Seelan Nayagam, managing director of DXC Technology Australia and New Zealand, said it is no longer a matter of whether an organisation will be hacked, but when.

“The high rate of breaches across various emerging technologies indicates a need for a more proactive approach to cybersecurity, as opposed to a reactive one,” he said.

“IT and business leaders in the region must align cybersecurity strategy and spending with emerging technology investments, to ensure digital transformation programmes are executed with confidence. With a solid investment strategy, cybersecurity will become an enabler of new business innovation.”

Looking at trends, 37 percent of respondents stated they had not found any discernible pattern in the attacks against their organisation. Over a quarter, however, stated the attacks occurred after business hours in Australia, and 18 percent stated they occurred every time their organisation updated its software.

Forty-two percent of organisations had experienced malicious email attacks over the last 12 months, and 40 percent had experienced malware attacks.

The report comes as Australia grapples with a shortage of cybersecurity professionals: figures released by the government last year estimated Australia will need another 11,000 cyber security specialists over the next decade.

A 2016 survey of Australian Information Security Association (AISA) members, meanwhile, found 78 percent agree there is a shortage of qualified cyber security workers for available positions in Australia.

Looking to address this shortage internally, the Department of Human Services (DHS) earlier this month announced a partnership with startup WithYouWithMe that will see dozens of Defence Force veterans train and work within the DHS Cyber Security Branch.

The partnership, which will see up to 36 participants recruited over the next three years, is part of the startup’s ‘Talent Unleashed’ program, which helps former Defence Force personnel transition into new careers.