Security remains top concern for Aussie businesses
More than half of Australian businesses have been fined for being in breach of new data privacy or other legislation in the past two years, research from Telstra indicates.
The 2019 Telstra Security Report found that 65% of Australian businesses experienced interruption due to a security breach and 48% were targeted by a cyber attack during the past year.
Even detecting and effectively responding to cyber incidents remains a major challenge. While 74% of Australian businesses believe they have strong systems in place to verify when a breach has occurred, 89% estimate that security breaches went undetected in the past year.
Even more concerningly, 19% of Australian businesses estimate that more than half of the data breaches impacting their company went undetected altogether in the past year.
But the introduction of new regulations such as Australia’s own Notifiable Data Breach (NDB) scheme, as well as the EU’s General Data Protection Regulation (GDPR), has left the C-suite more engaged in ever in security.
As a result, 77% of Australian businesses report having cybersecurity incident response plans in place, and more of these are testing them on a monthly basis.
Australian businesses are also faster at detecting businesses than international peers, with 62% reporting that they are able to detect a breach in minutes or hours, compared to just 50% globally.
“Against a backdrop of more frequent and sophisticated attacks and the introduction of new regulations that force the public disclosure of breaches, companies are now more aware of the threat of reputational damage and the erosion of customer trust caused by cyber breaches,” Telstra Enterprise Group Executive Michael Ebeid said.
“Our research found that customer concern around data privacy has increased within the past year according to 38% of respondents, which compares to 46% globally.”
The report also found that while most respondents have adopted policies and safeguards against ransomware attacks, among the respondents that reported interruptions due to a security incident in the past 12 months, 32% indicated interruptions on a weekly or monthly basis traced to ransomware attacks.
Ignoring repeated warnings by security experts, more than half of ransomware victims reported paying the ransom, but only 77% of these were able to retrieve the data — down from 86% last year.
But despite paying up being even less of a guarantee than ever that businesses will retrieve the data, 79% of those who paid the ransom said they would do so again if there was no backup for the impacted data.
The OAIC's quarterly and annual Notifiable Data Breach reports find that cyber attacks are...
The federal government has announced a wide-ranging $156 million investment in cybersecurity as...
Microsoft has admitted that attackers were able to use compromised privilege customer support...