Share this article on:
Proofpoint’s annual report reveals that the rise of artificial intelligence in the workplace is seen as a security risk by the majority of Australian board members.
Seventy-one per cent of those polled see applications such as ChatGPT as a potential problem for their company.
But AI is not the only thing worrying folks in the boardroom. More board members than ever before are concerned about cyber security, with 74 per cent of those polled feeling their company is at risk. In 2022, that number was 52 per cent. Recent high-profile hacks – especially a rash of third-party incidents – have likely fed this newfound apprehension.
Worryingly, 59 per cent of board members don’t feel ready to handle an attack, despite 84 per cent feeling that cyber security is a priority – which is at least well above the global average of 73 per cent. Eighty-eight per cent also expect to increase their security spending over the next 12 months.
“Our inaugural report last year revealed that Australia lagged behind its global counterparts when prioritising cyber security,” said Yvette Lejins, resident chief information security officer for APJ at Proofpoint.
“Now, more than eight in 10 Australian board directors agree that cyber security is a priority for their board, higher than the global average of 73 per cent. But boards still feel unprepared. While it is encouraging to see that cyber security has finally captured the attention of Australian boards, there is much work to be done to implement effective cyber security strategies.”
So, to the nature of the threats that board members are worrying about, the most worrying attack vector is business email compromise attacks, with 53 per cent ranking that as a serious concern. Ransomware ranks second at 40 per cent, and cloud account compromise is on the mind of 31 per cent of board members.
By comparison, when it comes to chief information security officers’ concerns, 36 per cent rate cloud compromise as a chief concern, while ransomware is on the mind of 35 per cent. Distributed denial-of-service (DDoS) attacks worry 34 per cent of CISOs.
But the divide between CISO and board is far wider when it comes to protecting data. Eighty-four per cent of board members are confident they are doing enough, compared to just 49 per cent of CISOs.
Clare O’Neil, Minister for Home Affairs and Cyber Security, feels the results demonstrate the commitment of Australian board members to their fiduciary duties.
“They feel good about the time and resources they are investing into their understanding and managing of cyber risk,” Minister O’Neil said in a statement. “However, their struggle to translate this awareness into stronger security posture indicates directors still have much work to do. The strengthened relationships with CISOs can serve as a catalyst for improving their organisation’s resilience, now that the two sides are speaking the same language.”
“With even greater challenges ahead, maintaining a laser-sharp focus on cyber security remains critical.”
The 2023 Board Perspective Report polled 659 board members, with more than 50 members from Australia, the US, Canada, the UK, France, Germany, Italy, Spain, Singapore, Japan, Brazil, and Mexico. You can read the full report here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.