Aussie orgs still struggling to identify cyber risk

New research from global cybersecurity firm Trend Micro has revealed that 48% of Australian organisations feel their cyber risk assessments are not sophisticated enough — exposing them to ransomware, phishing, IoT and other threats. Respondents also indicated that overly complex tech stacks and lack of awareness from leadership are exacerbating issues.

Many Australian organisations are struggling with manual approaches to attack surface mapping (20%), and 48% report difficulty working with multiple tech stacks. This may explain why only around 35% are able to accurately detail any one of the following based on risk assessments:

• Risk levels for individual assets
• Attack attempt frequency
• Attack attempt trends
• Impact of a breach on any particular area
• Industry benchmarks
• Preventative action plans for specific vulnerabilities.
   

Ashley Watkins, Trend Micro Vice President ANZ, said siloed solutions complicate matters.

“We already knew that organisations are concerned about a fast-expanding digital attack surface with limited visibility. Now we know that they also need urgent help to discover and manage cyber risk across this environment. In many cases, the challenge is compounded by siloed point solutions. Organisations must search for a single platform that gives them the certainty and security they require,” Watkins said.

Over one-third (35%) of Australian IT and business decision-makers interviewed say that assessing risk is the main area of attack surface management they struggle with. As a result, over 78% feel exposed to ransomware and IoT attacks, and 87% feel exposed to phishing.

The inability of organisations to accurately assess attack surface risk also keeps business leaders in the dark. 47% of respondents struggle to quantify risk exposure to leadership, and only 71% believe their C-suite fully understands cyber risk at present.

The good news is that there’s a clear opportunity here for organisations to leverage third-party expertise.

Almost two-fifths (37%) of respondents are already invested in a platform-based approach to attack surface management, while half (50%) of respondents say they’d like to do the same. Of those who’ve already made the move, improved visibility (34%), better scalability (34%) and faster breach detection (33%) are the most cited advantages.

More report details are available here.

Image credit: ©stock.adobe.com/au/Евгений Якимович