- 10 May 2019 16:41
Research Finds Phishing Attacks Constitute Biggest Security Threat Vector Faced by Australian Business As Companies Struggle to Combat a Rising Climate of Cybersecurity Compromise
Sydney – 10 May 2019 – More than one in four (44 per cent) of Australian businesses viewed phishing as the biggest security threat faced by their business in 2018 while ransomware, password and business email compromise continued to beset organisations in the last calendar year. At the same time, Australian chief information security officers continued to struggle to combat a rising climate of cybersecurity compromise, often taking weeks to detect and deal with security breaches.
That’s according to the CSO Security Capabilities Survey 2019* commissioned by LogRhythm, the Security Intelligence Company which found that more than half (55 per cent) of respondents said they were able to detect their last security incident within hours while 16 per cent percent said it had taken them up to a week to detect their last security incident – and seven percent had taken even longer.
“These delays really do raise serious concerns for Australian businesses, which since the introduction of the Notifiable Data Breaches (NDB) scheme, have been legally obliged to detect and report on breaches as rapidly as possible,” said Joanne Wong, Marketing Director Asia Pacific and Japan, LogRhythm. One might well conclude that if businesses cannot detect and evaluate a data breach, the consumer protections put in place by the NDB scheme offer scant chance of remediating breach damage.”
The survey also found that 52 percent of respondents are streamlining their security technologies to reduce the complexity of their environments for their people. Just under half (48 per cent) of these organisations are now turning to automation to assist employees transition away from security monitoring to focus on value adding tasks.
Other respondents said they were focused on implementing managed services, careful application of software updates, security awareness programs, incident response plans, and extensive training and upskilling of their people to support their employees.
Australian companies still vary in maturity when it comes to adopting automation. Half of respondents said they had applied automated incident detection and response (IDR) to less than half of their infrastructure. Sixteen percent said they had successfully rolled out automated incident detection and response capabilities across their entire infrastructure. This suggests there is still a long way for Australian businesses to go when it comes to deploying the cybersecurity scalability to match the growing demands of digital transformation.
When asked about budgets, 44 per cent of respondents said their security budgets would increase by five per cent or more in 2019 – although an almost equal percentage (46 per cent) said their budget would stay the same.
Finally, the survey found that security executives are facing a steady onslaught of risks in 2019 from malware and zero-day threats, identity theft, business email compromise, data loss, poor patching, credential theft, and data exfiltration. In addition, there was a growing risk of nation state-sponsored attacks; web site hacks leading to theft of customer information; man-in-the-middle WiFi attacks; cryptojacking; cloud security breaches; malicious mobile apps; insecure third parties; and Internet of Things devices.
The broad spectrum of responses confirms that security executives are facing a steady barrage of attacks that target access credentials, weaknesses in devices, and potential weaknesses in the extended connectivity chains that cloud computing and managed service provision have created.
When asked how they would meet the threats they face in 2019, respondents said that more advanced email and web security gateways, AI-based endpoint security systems, tighter control over user access rights, SIEM systems, application whitelisting, tools for secure coding, and offline backups were some of the critical tools being evaluated for improving their cyber posture.
“Ultimately, one of the greatest challenges IT teams face today is protecting their organisations from advanced and potentially costly attacks while operating with a limited budget and even fewer resources. This is certainly not an easy task, but with the proper approach, it’s also not impossible to protect your organisation’s data and critical systems without impacting the agility of the business or increasing IT costs,” said Wong.
LogRhythm is a world leader in NextGen SIEM, empowering organisations on six continents to successfully reduce risk by rapidly detecting, responding to, and neutralising damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines user and entity behaviour analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end-to-end solution. LogRhythm’s Threat Lifecycle Management (TLM) framework serves as the foundation for the AI-enabled security operations center (SOC), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won many accolades. For more information, visit logrhythm.com.
* The survey of 100 respondents was conducted between February – April 2019.