It looks like the message is finally getting through after a recent survey found over half of Australian and New Zealand businesses increased their cyber security spend last year.
A new report by Australia’s Cyber Emergency Response Team (AusCERT) showed that 58% of organisations across the region bumped up their spending in 2017.
The study collated responses from more than 500 workers across a variety of industry sectors with 85% from Australia and 15% from New Zealand.
Overall, the data indicated a 35% year-on-year increase in security investment and found that 87% of respondents were more confident in their ability to react to cyber security incidents. According to researchers, the boost in confidence can be attributed to better education, improved business strategy and clearer management responsibility related to cyber security.
As well as analysing sentiment towards cyber security, the survey also explored which incidents are most common – with phishing and email attacks identified as the most prevalent, followed by ransomware and malware.
Professional, scientific and technical services, and education and training, were the industries which experienced the highest amount of phishing scams.
The report also noted a growing trend towards business email compromise scams which not only became more common in the past year but also more sophisticated.
“In these scams, the cyber criminals use social engineering tactics to trick employees authorised to request or conduct wire / bank transfers,” read the report.
“Fraudsters usually spoof or hack the emails of senior executives at the organisation and use email to instruct lower level employees to conduct a bank transfer to a fraudulent account.”
Unsurprisingly, organisations that performed regular risk assessments experienced 25% fewer ransomware attacks, 25% fewer data breaches of third party providers and 3% less phishing and targeted malicious emails.
The survey also revealed that organisations which reported improvements in security controls also experienced fewer cyber security incidents with 52% less malware and trojan infections reported, 37% less ransomware and 29% less data loss or theft of confidential information.
The survey also showed that 27% of organisations incurred data recovery costs from cyber incidents, which was an improvement from the 31% reported in 2016.
In addition, 8% of organisations that experienced a cyberattack lost access to their systems for several days, which was consistent across both years.
source: Insurance Business Mag online