Australian IT leaders take email threats seriously

Over half of IT security professionals report experiencing an email hack and breach, and Australia stands out as having a high email threat awareness, according to research from Mimecast.

A survey of security professionals in five markets including Australia shows that 55% of Australian respondents admit to encountering an email breach, compared to 24% in the US, 26% in the UK and 30% in South Africa.

The research also indicates that Australia has higher levels of confidence in current email security solutions than their peers in the other markets.

Australians also spend an average of 10.4% of their annual IT budgets on email security, slightly ahead of the average of the five countries of 9.97%.

The survey also suggests that Australian respondents take email security risks more seriously than the average. Some 15% reported that they consider email to be the number one entry point of attack, more than all other countries surveyed.

And 17% of Australian respondents regard email as an extremely high threat, compared to 17% in the US and 10% in the UK and South Africa.

Australians consider malicious insider threats, mobile malware and ransomware to be among the top email security threats. Some 61% provide broad security and safety training for employees.

Yet the research also shows that 65% of the respondents across the five countries don’t feel fully prepared against future potential attacks.

“Our cybersecurity is under attack and we depend on technology, and email in particular, in all aspects of business. So it’s very disconcerting to see that while we might appreciate the danger, many companies are still taking too few measures to defend themselves against email-based threats in particular,” Mimecast CEO Peter Bauer said.

“As the cyber threat becomes more grave, email attacks will only become more common and more damaging. It’s essential that executives, the C-suite in particular, realise that they may not be as safe as they think and take action. Our research shows there is work still to be done to be safe and we can learn a lot from the experience of those that have learnt the hard way.”

The report also shows that Australia has the highest levels of C-Suite engagement with email security and risk management practices at 95%.

But separate research from IBM suggests that key C-suite executives need to be more involved with cybersecurity.

A survey of C-level executives from markets including Australia shows that while 68% believe that security is a top concern and 75% believe a comprehensive security plan is important, around 60% of CFOs, CHROs and CMOs acknowledge they are not actively engaged in cybersecurity strategy and execution.

The research also shows that 70% of CxOs still think that rogue individuals still make up the largest threat to their organisation. According to IMB Security business unit executive for ANZ Glen Gooding, this is not the case.

“It is a little unsettling to see that there are still some real misconceptions amongst the C-Suite when it comes to cybersecurity. There remain some preconceived notions of lone hackers representing the greatest risk, while in reality organised crime syndicates are the biggest threat,” he said.

“In Australia, organised crime is particularly pertinent in the financial services sector and for holders of personally identifiable information. Random attacks are also an issue as many automated hacks are not selective, and therefore simply having insufficient security makes you a target.”

Around 80% of cyberattacks are driven by organised crime rings, the report states.

Finally, while over 50% of CEOs agree that collaboration is necessary to fight cybercrime, only one in three expressed willingness to share their organisation’s cybersecurity incident information externally.

According to the report, this exposes a resistance to coordinated industry collaboration, which puts organisations at a disadvantage compared to the hackers who readily share techniques on the dark web.

Image courtesy of Dennis Skley under CC