ra2 studio – stock.adobe.com
Over half of Australian organisations have not invested enough in cyber security in the past three years, with nearly one in five believing it was not a priority, a new study has found.
The underinvestment was more stark among small companies, of which 69% had not invested enough in cyber security, according to the study conducted by Netskope, a supplier of secure access service edge (SASE) services.
Major data breaches over the past year, however, have cast the spotlight on cyber security, with over three-quarters (77%) of 300 respondents who participated in the study noting that their leadership’s awareness of cyber threats had increased.
Some 70% also noted an increase in their leadership’s willingness to bolster investments – the proportion of organisations that are planning bigger cyber security budgets between 2022 and 2023 jumped to 63%, compared with 45% that saw increases between 2020 and 2022.
This increase is most pronounced among larger organisations with over 200 employees, where over 80% are increasing cyber security budgets. Among small firms with fewer than 20 employees, 41% planned to spend more on cyber security between 2022 and 2023, up from just 23% between 2020 and 2022.
“The data breaches that occurred last year deeply impacted the Australian community, but it seems there are some positives to draw from those events,” said David Fairman, chief information officer and chief security officer for Asia-Pacific at Netskope.
“In the last decade, attitudinal gaps between technology and business leaders regarding cyber security have been a key factor slowing down cyber security improvements, and it seems that both teams are now – at last – on the same page, ready to bolster cyber defences for their organisation and customers.
“Even though no organisation is ever fully protected from cyber threats, we need this united front to show cyber criminals that we won’t make it easy for them and Australia won’t be an easy target anymore,” he added.
How well an organisation responds to cyber security incidents is an indicator of its cyber resilience. According to Netskope’s research, just 27% of Australian tech leaders today have well-defined and stringent incident response plans to face a variety of scenarios, and regularly exercise them.
Furthermore, there is no consensus on how to handle an incident. The survey respondents were divided, with just half (51%) stating they would be unlikely to pay if they were victims of ransomware.
They also pointed out other impediments, with 17% of tech leaders noting that the lack of prioritisation of cyber security among business and technology leadership was the biggest obstacle to cyber security improvements.
Fairman also noted the lack of “financial or human resources to bring their plans to fruition, especially in a challenging economic environment with ongoing geopolitical instability”.
“As a country, we need to do what we can to accelerate the production of industry professionals and graduates, making use of both public and private initiatives,” he said.
The Australia government plans to develop a new cyber security strategy that aims to strengthen the country’s critical infrastructure, among other goals, following a spate of high-profile cyber attacks against Australian companies including Optus and Medibank in 2022.
The strategy will be led by Cyber Security Cooperative Research Centre CEO Rachael Falk, former Telstra CEO Andy Penn, and former chief of air force Mel Hupfeld. There will also be an expert panel drawn from around the world, led by former UK National Cyber Security Centre CEO and Oxford University professor Ciaran Martin.
Technology products remain a mixed inflationary bag as server prices increase, storage costs decline and equipment delivery lead …
In its pursuit of big tech companies, the FTC theorizes their dominance is based on acquisition of nascent companies — a theory …
Two upcoming Supreme Court cases could significantly change how Section 230, which protects social media platforms from liability…
GoDaddy took nearly three months to disclose that attackers breached the company in a multi-year campaign, and customers are …
A new report from Google’s Threat Analysis Group shed light on Russia’s efforts to conduct malicious cyber campaigns not only …
A new report from Cyber Security Works shows that 76% of all ransomware-associated vulnerabilities tracked in 2022 were old flaws…
SDN controller features include modularity, APIs, clustering and GUIs. Read more in this chapter excerpt from ‘SDN-Supported …
Cisco and Arista’s latest earnings reports show that companies are upgrading campus networks and distributing more applications …
Cisco Viptela SD-WAN integration with Cisco+ Secure Connect brings cloud-based security to remote workers and easier …
Organizations that build 5G data centers may need to upgrade their infrastructure. These 5G providers offer products like virtual…
IBM lost its title as patent king to Samsung, which had more than 8,500 patents approved in 2022. One reason cited is IBM’s …
Organizations stand to benefit from the compute power of quantum computing as it develops. The tech has potential uses in supply …
Enterprise Strategy Group research shows organizations are struggling with real-time data insights. A single source of truth can …
The vendor is the creator and lead sponsor of the open source InfluxDB database and plans to use the new funding to further …
Organizations are using cloud technologies and DataOps to access real-time data insights and decision-making in 2023, according …
All Rights Reserved, Copyright 2000 – 2023, TechTarget
Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information
Leave a Reply