cfo-au logo
Story image

80% of Australian companies think cybersecurity investments 'failing'

08 Jun 2020

The acceleration of cyber threats and an increase in risk profile due to COVID-19 has hit the Australian cybersecurity industry hard, with many losing faith in the industry, according to new research.

80% of Australian companies believe their cybersecurity investments are ‘failing’, according to a new report from Accenture – meanwhile, there has been a 50% increase in breaches in Australia from 2018 to 2019.

The research includes a survey of 373 Australian security executive, a huge majority of which (91%) said that their organisations are spending more than 20% of the cybersecurity budgets on advanced technology – such as those that defend against attacks, repair breaches and provide remediation – to bolster their cyber resilience.

A further 70% of Australian respondents stated in the survey that staying ahead of attackers is a ‘constant battle’, with these respondents also revealing the costs incurred while fortifying cyber resilience are ‘spiralling out of control’.

43% of Australian organisations reported cost increases within their cybersecurity space in the last 24 months, and 11% recorded costs rising more than 25% in the same period.

“Now, more than ever, cybersecurity is an increasing challenge for Australian organisations, as the prevalence of sophisticated and insidious cyber-attacks continues to grow,” says Accenture A/NZ security lead Joseph Failla.

“Organisations are grappling with the new and sudden reality of COVID-19 which is putting even greater strain on their already under-pressure security systems.”
 
The Accenture report found that the primary struggle for Australian organisations in the cybersecurity space is vulnerability across the business. 

Shockingly, only 43% of survey respondents reported believing they are ‘actively protected’ by their security programs, while a whopping 90% of all Australian breaches lasted more than 24 hours.

Some further findings from the report:
  • More than half (58%) of breaches in Australian companies are identified by the security team.
  • 38% of security breaches at Australian organisations are indirect attacks that target weak links in the supply chain.
  • 38% of breaches have ‘no impact’ on organisations.
  • Almost three-quarters (71%) of breaches were fixed in less than 15 days.

Failla says the importance of high-quality cybersecurity strategies cannot be overstated, especially considering the skyrocketing risk profiles and cost of breaches during the COVID-19 era.

“Using threat intelligence and more strategic approaches to cybersecurity can help Australian organisations stay protected and better equipped to respond effectively when the enemy strikes,” says Failla.

“By becoming more resilient and agile, businesses will be able to grow confidently through this turbulent time.”