Since 2018, the Australian and New Zealand industry has seen a positive shift in leadership engagement and cyber security awareness. While some of this may be attributed to changes in data protection regulations, it's encouraging to see enhanced cyber maturity, management getting more involved and more businesses adopting cyber security awareness training.
Fast forward to 2020, and in the current COVID-19 environment,‘working from home’ is no longer the exception but the rule. As such, there is an overlap between the work and personal lives of staff, which has a flow-through effect on the threat and risk profiles for organisations and data exchange. The willingness and capability for organisations to recognise and adjust to this modern way of operating is a key theme of the 2019 Cyber Security Survey report recently published by BDO and AusCERT.
As the way we work changes, the complexities in identifying and addressing information security risk can be difficult, not just for individuals and small to medium businesses, but for larger organisations as well. This report delves into the evolving threat landscape, the increased risk of employee insider threat, changes to security control investments, data breaches and how to defend your business in 2020 and beyond.
According to the report’s findings, it is “imperative that organisations take a threat-based approach and work to truly understand the types of threats they face and the most effective ways to defend against them.” BDO and AusCERT identified a set of trends as a result of the survey, highlighting that respondents continued to underestimate the threat landscape. With threats and risks changing over time and cyber attacks continuing to change in complexity and sophistication, organisations are constantly under fire.
The key trends from the report identified that:
- “In 2019, data breaches via insider threats were more than twice as common as expected
- Respondents have consistently underestimated the prevalence of data breaches caused by insider threats
- Phishing, malware and Business Email Compromise (BEC)/Payment Redirection Fraud attacks were the most common in 2019.”
In response to these trends, survey respondents highlighted that they were using governance processes to increase risk visibility, and adopting more holistic approaches to effectively identifying and managing cyber security risk. This led to respondents feeling 50% more confident in responding to incidents and facing 30% fewer incidents.
In the cyber security world it can sometimes feel as though we are constantly under attack, and that every day brings with it new challenges and threats. And while this is true, we are also seeing organisations increasingly come together to fight off these threats. As cyber security practitioners, risk decision-makers and business leaders, it is our responsibility to ensure we share our information and resources, to support each other in staying one step ahead of our adversaries. As such, we highly recommend you take the time to download the full report by BDO and AusCERT here. May it help you to continue the fight against cyber crime, and ensure the growth of your organisation.
AusCERT is Australia’s pioneer cyber emergency response team. We provide members with proactive and reactive advice and solutions to current threats and vulnerabilities. We’ll help you prevent, detect, respond and mitigate cyber-based attacks.
Social Media links: