Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

74% of ANZ businesses suffered a data breach from a cyber attack

Cyber attacks are hitting Australian and New Zealand organisations at an unprecedented rate, according to new research from asset intelligence cyber security company Armis.

user icon Daniel Croft
Wed, 08 Nov 2023
74% of ANZ businesses suffered a data breach from a cyber attack
expand image

According to the findings, 74 per cent of businesses in Australia and New Zealand suffered a breach as a result of a cyber attack within the last year. Forty-one per cent said that they faced multiple breaches in that time.

A large number of these businesses face major consequences as a result of a breach, with 42 per cent suffering financial losses and 41 per cent suffering from operational downtime.

According to Armis’ findings, the problem comes as a result of issues with security management. On average, just over half (57 per cent) of network assets are monitored, meaning 43 per cent are left in the dark.

============
============

Furthermore, in organisations in the ANZ region, only 49 to 53 per cent of processes related to threat intelligence are automated, meaning many rudimentary tasks are still done manually, adding to the monumental workload that cyber professionals face.

Professionals are absolutely overwhelmed with the current cyber environment, with cyber attacks becoming much more frequent. Making matters worse, these professionals are forced to juggle 10 to 13 different asset management tools on average, alongside 10 threat intelligence sources, adding even more to their workload.

Nineteen per cent of organisations said they feel overwhelmed by cyber threat information, of which only 55 per cent gathered from threat intel sources is actionable.

“In the wake of two significant cyber attacks within the region, both the public and private sectors are taking substantive steps to optimise around cyber resiliency,” said Curtis Simpson, chief information security officer at Armis.

”As businesses look to invest in technologies at scale, it’s important to ensure that business resiliency remains a core requirement.

“Understanding how technical assets relate to business systems and value streams and how they ultimately roll up to the broader business capabilities and strategies is critical to ultimately driving the right proactive and reactive priorities.

“This, in turn, allows for greater resilience and the enhanced protection of an organisation’s overall attack surface.”

The changing nature of work is making sticking to a cyber security plan even more difficult. With more and more workers leaving the office for home work, there is less control over the devices on a business network.

Armis found that 55 per cent of organisations feel they have a lack of complete control over personally provided devices.

On top of this, gaps in the enforcement of bring-your-own-device (BYOD) policies leave the gates open for activity, meaning staff could be visiting dangerous sites or downloading risky programs. Twenty-three per cent of respondents said they have a BYOD policy that is not enforced, while 28 per cent said they don’t have them at all.

Most concerningly, Australia and New Zealand responded with the highest percentage of occurrences of employees downloading “software and applications onto connected assets in the business environment”, with the number reaching 80 per cent.

“The threat landscape is constantly evolving, affected by global trends such as the explosion of connected assets and remote work models,” said Jeroen Nooijen, regional vice-president, EMEA and APJ, at Armis.

“To manage the complex and challenging security environment created by these changes, and the related risks introduced, organisations need to ensure they are proactive in their security strategy based on the needs of the business in real time.

“Only by seeing, securing and managing the entirety of their environment on an ongoing basis can companies truly protect their most critical systems and assets.”

The full Armis report can be found on the company’s website.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.