Cybersecurity breaches hit 63 per cent of Australian organisations, new CompTIA research reveals

0

71 per cent of organisations experienced mobile security incidents

May 5, 2016 – 63 per cent of Australian organisations have been plagued by at least one security breach or incident in the past year, according to a new report by CompTIA, the non-profit association for the technology channel, and broader industry.

The report, International Trends in Cybersecurity, revealed that self-reported security breaches were most prevalent in India (94 per cent), Malaysia (89 per cent), Thailand (88 per cent), Brazil (87 per cent) and Mexico (87 per cent). Organisations in Japan (39 per cent) and the United Arab Emirates (40 per cent) reported the lowest percentages of self-reported security incidents.

More than 1,500 business and technology executives in 12 different countries were surveyed. The report includes data from Australia with 125 respondents, Brazil, Canada, Germany, India, Japan, Malaysia, Mexico, South Africa, Thailand, the UAE, and the United Kingdom.

The study also found that mobile security incidents are occurring at a higher rate with 71 per cent of Australian organisations reporting a mobile-related security incident such as lost device, data policy violation, or staff disabling security features.

Mobile incidents were reported at the highest percentages in Thailand (95 per cent) India (91 per cent) and Mexico (89 per cent); and in the lowest percentages in Japan (60 per cent), the UAE (60 per cent) and the UK (64 per cent).

Furthermore, 72 per cent of Australian organisations expect security to become a higher priority over the next two years. The top drivers for a changing approach to security in Australia include:
–        change in IT operations (e.g. cloud, mobility) (41 per cent)
–        reports of security breaches at other firms (33 per cent)
–        internal security breach or incident (32 per cent)
–        knowledge gained from training/certification (28 per cent)
–        change in business operations or client base. (27 per cent)

Moheb Moses, director, Channel Dynamics, and ANZ Community Director, CompTIA, said, “Due to the evolving nature of IT, most organisations have had to change the way their company approaches security. In Australia, as in many other countries, the greatest change has been in IT operations, especially as firms move to cloud or implement new mobility strategies.”

Amy Carrado, senior director, research and market intelligence, CompTIA, said, “The importance of cybersecurity knowledge and readiness continues to grow regardless of geography, with 79 per cent of companies internationally expecting cybersecurity to become a higher priority over the next two years.”

The study also revealed that human error is becoming more of a cybersecurity factor for companies with 61 per cent of Australian organisations reporting it as a major contributor to security risk (compared with 58 per cent internationally).

Top sources of human error include:
–        failure to get up to speed on new threats (37 per cent)
–        end user failure to follow policies and procedures (31 per cent)
–        general carelessness (28 per cent)
–        intentional disabling of security features (28 per cent)
–        lack of expertise with websites and applications (27 per cent)
–        IT staff failure to follow policies and procedures (25 per cent).

Australian organisations are taking steps to assess and improve cybersecurity knowledge among their employees. Practices include new employee orientation, ongoing training programs, online courses and random security audits.

But the results so far have been mixed. Only 23 per cent of organisations rate their cybersecurity education and training methods as extremely effective. Making employee training mandatory, more comprehensive training delivered more often and follow-up tests and assessments are some of the steps that would improve effectiveness, executives said.

International Trends in Cybersecurity is based on an online survey of 1,509 business and technology executives (125 in Australia) conducted by CompTIA in January and February 2016. The complete report is available free of charge with a simple registration.

To download the report visit:https://www.comptia.org/resources/international-trends-in-cybersecurity.

Share.