Security Market Segment LS
Friday, 15 May 2020 12:07

Australians ahead of global counterparts with security concerns

By

Australian IT professionals potentially have greater concerns about the security of company financials and intellectual property than the global average, according to a new global study which found that Australian respondents appear nearly 4.5 times more concerned about these areas of security than their home security, compared to the 3 times global response.

According to the third annual Oracle and KPMG Cloud Threat Report 2020 report, data security is creating “fear and trust issues” for IT professionals.

The study of 750 cybersecurity and IT professionals found:

  • IT professionals are 3 times more concerned about the security of company financials and intellectual property than their home security.
  • IT professionals have concerns about cloud service providers; 80% are concerned that cloud service providers they do business with will become competitors in their core markets.
  • 75% of IT professionals view the public cloud as more secure than their own data centres, yet 92%of IT professionals do not trust their organisation is well prepared to secure public cloud services.
  • Nearly 80% of IT professionals say that recent data breaches experienced by other businesses have increased their organisation’s focus on securing data moving forward.

And the study reveals that Australia shows an even greater appetite than the global average for leveraging artificial intelligence, machine learning (AI/ML) capabilities, which 100% of IT professionals see as a “must-have” for new security purchases, compared to 87% globally.

Findings revealed that:

  • In Australia 68% of IT professionals view the public cloud as more secure than their own data centres – a lower than the global average of 75%, perhaps because 95% of IT professionals also say that they do not trust their organization is well prepared to secure public cloud services.
  • Australia has a higher opinion compared to the 70% global average that too many specialised tools are required to secure their public cloud footprint, with 75% being of this opinions
  • In Australia, more organisations than the global average shared that employees with privileged cloud accounts have had those credentials compromised by a spear phishing attack – 70% as compared to 59% globally.
  • In Australia, a marked difference is that fewer than the global average (73%) of organisations have or plan to hire a CISO with more cloud security skills (63 percent). Similarly fewer organisations have added a brand new role called the Business Information Security Officer (BISO) to collaborate with the CISO and help integrate security culture into the business (45% as compared to 53% globally).

 Overall, globally the study found that a patchwork approach to data security, misconfigured services and confusion around new cloud security models has created a crisis of confidence for cybersecurity and IT professionals that will only be fixed by organisations making security part of the culture of their business.

And according to the study IT professionals are using a patchwork of different cybersecurity products to try and address data security concerns, but face an “uphill battle as these systems are seldom configured correctly”, with findings revealing:

  • 78% of organisations use more than 50 discrete cybersecurity products to address security issues; 37 % use more than 100 cybersecurity products.
  • Organisations who discovered misconfigured cloud services experienced 10 or more data loss incidents in the last year.
  • 59% of organisations shared that employees with privileged cloud accounts have had those credentials compromised by a spear phishing attack.
  • The most common types of misconfigurations are:

             - Over-privileged accounts (37%)

             - Exposed web servers and other types of server workloads (35%)

            -  Lack of multi-factor authentication for access to key services (33%)

According to Oracle and KPMG,organisations are moving more business-critical workloads to the cloud than ever before, “but growing cloud consumption has created new blind spots as IT teams and cloud service providers work to understand their individual responsibilities in securing data”.

They say this confusion has left IT security teams scrambling to address a growing threat landscape:

  • Nearly 90% of companies are using software-as-a-service (SaaS) and 76% are using infrastructure-as-a-service today (IaaS); 50% expect to move all their data to the cloud in the next two years.
  • Shared responsibility security models are causing confusion; only 8% of IT security executives state that they fully understand the shared responsibility security model.
  • 70% of IT professionals think too many specialised tools are required to secure their public cloud footprint.
  • 75% of IT professionals have experienced data loss from a cloud service more than once.

Oracle and KPMG say that to address increasing data security concerns and trust issues, cloud service providers and IT teams need to work together to build a security-first culture, including hiring, training, and retaining skilled IT security professionals, and constantly improving processes and technologies to help mitigate threats in an increasingly expanding digital world.

The study found that:

  • 69% of organisations report their CISO reactively responds and gets involved in public cloud projects only after a cybersecurity incident has occurred.
  • 73% of organisations have or plan to hire a CISO with more cloud security skills; over half of organizations (53%) have added a brand new role called the Business Information Security Officer (BISO) to collabor ate with the CISO and help integrate security culture into the business.
  • 88% of IT professionals feel that within the next three years, the majority of their cloud will use intelligent and automated patching and updating to improve security.
  • 87% of IT professionals see AI/ML capabilities as a “must-have” for new security purchases in order to better protect against things like fraud, malware and misconfigurations.

“The lift-and-shift of critical information to the cloud over the last couple of years has shown great promise, but the patchwork of security tools and processes has led to a steady cadence of costly misconfigurations and data leaks. Positive progress is being made, though,” said Steve Daheb, Senior Vice President, Oracle Cloud.

“Adopting tools that leverage intelligent automation to help close the skills gap are on the IT spend roadmap for the immediate future and the C-level is methodically unifying the different lines of business with a security-first culture in mind.”

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.

REGISTER HERE!

LAYER 1 ENCRYPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

Peter Dinham

Peter Dinham - retired and is a "volunteer" writer for iTWire. He is a veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments