AUSTRALIA – 63% of Australian business may have been hit by at least one security breach, according to results from the latest CompTIA International Trends in Cybersecurity report .
The findings have raised eyebrows – the percentages are very high and mean that the majority of Australia’s medium to large enterprises have been breached.
In Australia, 61% of companies say human error plays the largest part in business security breaches especially for companies in maturing economies. Whether it is being fooled by spear phishing emails, practicing poor password and authentication hygiene, or for financial gain by selling logins and passwords it immaterial.
To counter those threats, 90% of companies now have security training to assess or improve knowledge among employees. Many organizations are also putting a greater value on hiring employees who have IT security certifications, illustrating the increasing demand for professionals with those advanced skills. 80% of IT managers indicate that IT security certifications are very valuable (38%) or valuable (42%) regarding validating security-related knowledge/skills or evaluating job candidates.
Mobile security incidents are occurring at a higher rate with 71% of Australian organisations reporting a mobile-related security incident such as lost device, data policy violation, or staff disabling security features.
Mobile incidents were reported at the highest percentages in Thailand (95%) India (91%) and Mexico (89%); and in the lowest percentages in Japan (60%), the UAE (60%) and the UK (64%).
72% of Australian organisations expect security to become a higher priority over the next two years. The top drivers for a changing approach to security in Australia include:
Change in IT operations (e.g. cloud, mobility) (41%)
Reports of security breaches at other firms (33%)
Internal security breach or incident (32%)
Knowledge gained from training/certification (28%)
Change in business operations or client base. (27%)
Moheb Moses, director, Channel Dynamics, and ANZ Community Director, CompTIA, said: “Due to the evolving nature of IT, most organisations have had to change the way their company approaches security. In Australia, as in many other countries, the greatest change has been in IT operations, especially as firms move to cloud or implement new mobility strategies.”
Australian organisations are taking steps to assess and improve cybersecurity knowledge among their employees. Practices include new employee orientation, ongoing training programs, online courses and random security audits. 23% rate their cyber security education and training methods as extremely effective.
Amy Carrado, senior director, research and market intelligence, CompTIA, said, “The importance of cyber security knowledge and readiness continues to grow regardless of geography, with 79% of companies internationally expecting cyber security to become a higher priority over the next two years.”
ESET, a digital protection company, has observed this significant increase in security breaches in organisations and has commented on how to identify and prevent this security risk.
Nick FitzGerald, Senior Research Fellow at ESET, said: “The information stored by organisations can be very valuable and profitable for e-criminals. We have seen an increase of these breaches as there is more and more data available such as customer names, addresses, social security numbers and so on. The problem is that security breaches can come from failing to install a secure system, from compromised credentials and often from human error.”
“Security breaches often come from issues with passwords. The security afforded by passwords is overestimated, being further weakened by users sharing passwords across organisations, devices and even with colleagues. Organisations don’t always realise they put their data at significant risk by allowing this.”
From www.ITwire.com
The post Report of high percentage of security breaches raises concern for Australian businesses appeared first on SSN-Gulf.