Disconnect between IT workers and employers about cybersecurity
Research from Bitdefender has revealed the growing concerns and frustrations of Australian IT professionals. The ‘Hacked Off!’ 10 in 10 Research Report explored the gap between how security decision-makers and infosec professionals view the current security landscape, highlighting the changes that they will need to make in the upcoming months and years. In the face of increasingly complex attacks as well as the increasingly sophisticated state-sponsored cyberwarfare, infosec professionals are overwhelmed, outmatched and demanding more from their business.
More than 300 Australian security professionals were surveyed, with 66% stating that cyberwarfare is a growing threat to their organisation, while 56% determined that the threat is ‘significant’ and warrants the appropriate training and investment to fight. This comes as Australian businesses and their employees struggle to navigate the dangers and complexities of workplace cybersecurity amidst COVID-19.
There is a disconnect between understanding cybersecurity risks among leaders and employees, with 38% of IT staff feeling that leaders cannot grasp the concept of cyber attacks, while 34% of IT workers believe employees suffer the same issue. This lack of awareness bleeds across to other cybersecurity issues, with 28% of CSIOs believing leaders don’t understand the scale at which security needs to grow, while 29% believe employees don’t understand that cybersecurity solutions are not entirely foolproof.
Demetrio Georgiou, Bitdefender ANZ Chief, notes that human error is the weakest link in organisational cybersecurity. “In the last few years we’ve seen the complexity of attack grow tenfold, and businesses start to invest in the appropriate training for employees. Culturally, we’re all still suffering from this outdated mindset that ‘cybersecurity is an IT problem’. It’s a sentiment reflected year over year in the Hacked Off research,” said Georgiou.
When surveyed, 33% of IT workers felt that business leaders do not understand that cybersecurity is everyone’s responsibility, not just IT’s, while 34% of IT workers noted that they felt this applied to employees as well. The figures indicate an internal disconnect, where IT teams are viewed as a bandaid solution across the workplace. Due to the current climate, and a lack of understanding of cybersecurity risks, cyberwarfare has increased in 2020, posing a considerable threat to Australian businesses.
With many businesses shifting to remote working environments, 53% of CSIOs believe that devices will be compromised by instances of cyberwarfare, and that state-sponsored attacks will increase in the next 12 months. This data is timely, given Australia’s ongoing threats of being on the receiving end of a state-based cyber attack, fuelled by geopolitical tensions with China. The government’s expansion to the Cybersecurity Package is a response to this, but action across the workplace is needed to protect businesses from cybersecurity dangers.
Georgiou noted that 2020 has been a year of change for the security industry as the security landscape evolves to adapt to the new normal, from distributed workforces to new threats. Amongst the new threats is cyberwarfare, which is of great concern to businesses and the economy, though not everyone is prepared for it.
“The one thing we know is that the security landscape will continue to evolve. Changes will happen, but we can now make sure they happen for better and not for worse. To succeed in the new security landscape, the way we as an industry talk about security has to become more accessible to a wider audience to gain support and investment from within the business. In addition, we have to start thinking about plugging the skills gap in a different way — we have to focus on diversity, and specifically neurodiversity, if we are to stand our ground and ultimately defeat bad actors,” said Georgiou.
New Zealand has added a new privacy principle to the Privacy Act 2020, which adds new...
Australian Cyber Week 2020 has commenced, kicking off a series of events that will showcase the...
The US Department of Justice has won an indictment against six Russian military intelligence...