Gtr masthead v5

Hundreds of attacks daily on critical organisations


By Dylan Bushell-Embling
Wednesday, 19 April, 2017


33839644636 d00c4352f7 z

Nine in 10 important Australian organisations faced some form of attempted or successful cyber attack in the 2015–16 financial year, with some critical infrastructure organisations being attacked hundreds of times per day.

These were among the findings of the latest report from the Australian Cyber Security Centre (ACSC) covering both government and private sector organisations of national significance.

The report finds that through spear phishing emails alone, organisations are being attacked up to hundreds of times per day.

In total, 86% of surveyed organisations experienced attempts to compromise their network data or system, with 58% experiencing at least one successful attack.

Sixty per cent of organisations surveyed experienced tangible impacts on their business due to attempted or successful compromises, despite rating the incidences as relatively low in severity.

On the bright side, the majority of organisations surveyed displayed a high level of cyber resilience — defined as “an organisation’s ability to prepare for, withstand and recover from cyber threats and attacks”.

But there are still improvements that need to be made, the ACSC said. Just over half (51%) of organisations surveyed said they tend to be alerted to possible breaches by external third parties before detecting it themselves, suggesting that “organisations are not adequately focusing on monitoring networks and detecting potentially malicious activity”, the report states.

Likewise, while a number of organisations have embraced practices such as BYOD or remote work that offer greater workplace flexibility, significantly fewer have implemented mobile device management or identity and access management solutions to mitigate the increased risks these practices bring.

“Despite these gaps there have been improvements. For example, 71% of organisations report having a cybersecurity incident response plan in place compared with 60% in [a 2015 survey],” the report states.

“Now the focus needs to be on ensuring those plans remain relevant. Of all organisations that have incident response plans, less than half (46%) regularly review and exercise these plans. Fifteen per cent either never test the plan, or test it on an ad hoc basis, with 24% testing less than once a year.”

Image courtesy of iaBeta under CC

Follow us on Twitter and Facebook

Related Articles

Public Wi-Fi boosts remote Qld tourism

A plan to switch on free public Wi-Fi across one-fifth of Queensland has been supported by the...

Digital health strategy gets green light

The Council of Australian Governments has approved a national strategy aimed at meeting...

Gov Tech Talks promote benefits of data access

A Tech Talk series has been launched which explains the benefits of greater access to government...


  • All content Copyright © 2017 Westwick-Farrow Pty Ltd