Share this article on:
Australians are demanding company executives be held responsible for data breaches, according to new research from Palo Alto Networks.
Findings revealed that 50 per cent of Aussies believe that those in a board director or C-suite role should be blamed, while 92 per cent of Australian’s believe that someone at all must be to blame.
A smaller 44 per cent believe that front-end IT workers are at fault.
However, as Palo Alto Networks VP and regional chief security officer for APJ Sean Duca says, a security breach is more than a single person’s or team’s fault.
“Cyber security is really an organisation-wide effort.”
Seven in 10 Aussies believe that executives are not often held responsible enough, and 67 per cent believe that they should see major fines or jail time when they fail to properly prepare their organisation’s cyber defences.
“IT and security teams may be on the tools, but there is a ceiling as to how strong an organisation’s cyber defences can be and that is set by leadership,” added Duca.
“It’s one thing to invest in the right tools, but to truly protect an organisation, you must have the right processes in place across the board. Education is also key, but this goes beyond a one-off seminar — in addition to regular training, employees need to see cyber security prioritised across the business in order to maintain proper security hygiene.”
In cases of ransomware, just over half (53 per cent) believe that an organisation should not pay bad actors to get out of cyber breaches.
This is a stance taken by the federal government as well, which strongly showed its support for withholding ransom from hackers in the case of the Medibank breach.
For one, there is no guarantee that a hacker will indeed meet their end of the bargain and take down or delete any released information and paying a cyber criminal organisation in the instance of a ransomware breach only rewards crime.
As the top spenders in cyber security, banks are the most trusted by individuals to keep their information secure, while healthcare is equally trusted, despite the recent Medibank breach.
“Australian banks are some of the most digitally advanced in the world and invest heavily in cyber security, so it’s not surprising that Australians trust them more than any other type of business,” said Duca.
“What was surprising is that the majority of Australians trust health care organisations, considering the sensitivity of the data they hold and the sector’s historical underinvestment in cyber security.
“Perhaps, the fact that these are two of the most heavily regulated industries gives Australians some level of comfort that they’d provide adequate cover.”
Technology, social media, and retail are the least trusted at 27 per cent, 33 per cent and 34 per cent, respectively. Only half off individuals put faith in government institutions to secure data.