cfo-au logo
Story image

Australian employees are weakening organisations' security posture - report

20 Apr 2020

Inappropriate IT use by Australian employees is the single biggest weak spot in an organisation’s cybersecurity posture, according to a new report from Kaspersky released today.

Almost half (49.4%) of all security incidents in 2019 occurred as a result of ‘inappropriate usage’ by employees, with a further 42.9% of incidents being caused by inappropriate data sharing across mobile devices by employees.

The survey, which quizzed approximately 5,000 global businesses, with about 250 of them being Australian, found that cybercriminals are increasingly exploiting IT systems as they get more complex, tailoring their attacks to take advantage of weaknesses in new technologies.

“Many businesses have now been forced to quickly adapt to a home workforce during COVID-19,” says Kaspersky A/NZ senior security researcher Noushin Shabab.

“With an increased dependency on mobile devices, remote working using cloud applications and data being used from more locations, the risk of cyberattacks in 2020 is set to skyrocket if businesses don’t quickly close gaps in their security and focus on the way they’re using cloud services.”

“It also helps to double-check mobile device protection to have anti-theft capabilities enabled, such as remote device location, lock and wipe of data, screen lock and password, and Face ID or Touch ID,” says Shabab.

The research also indicates that 36.5% of Australian businesses have been involved in an incident through a third-party cloud service that their employees used in the past year. 

Despite increasing security vulnerability on mobile devices, only 8.5% of Australian survey respondents ranked security issues with mobile devices as their most important security issue.

Meanwhile, almost half of all breaches in China in 2018-2019 stemmed from mobile devices.

The survey found that when it comes to budgets, about two-thirds of Australian businesses expected to increase IT budgets over the next three years with much of that to happen over the next year. 

However, about 28% of Australian enterprises and SMBs currently allocate less than 10% of their IT budget to security with around 40% allocating between 10% and 25% to security. 

“Our findings show that Australian businesses vastly underfund their security measures compared to global counterparts with 11.7% of businesses globally allocating more than half their IT budget on security,” reports Shabab.

This illustrates a growing discrepancy between budget allocation to cybersecurity and the huge cost of potential data breaches, which could be crippling to some businesses if they don’t take preventative measures.

26.4% of Australian small businesses reported that they lost between AUD$3,000 and $15,000 through attacks in 2018-2019.

The research found that in 2018-2019, 38.5% of respondents reported losses under $100,000, 20.9% reported losses between $100,000 and $249,000, and 19.8% reported losses up to $1 million, with 20.9% reporting incidents costing in excess of $1 million.

Story image
IDC names ESET a Major Player second year running
“ESET is strong in the areas of threat research, especially around Android malware identification and behavior detection.”More
Link image
Join Nintex on 3 December for Workflow Wonders: TLC for Kids
TLC for Kids is a charity that puts smiles back on childrens’ faces during times of illness. Learn how the charity leverages Nintex to free up resources so it can focus on what really matters. Nintex will donate A$5 for each registration to TLC for Kids! Find out more.More
Story image
DevSecOps increasingly important, but APAC organisations lagging behind
The rise of DevSecOps comes at a time when IT leaders are faced with an increasingly active cyber threat landscape, coupled with higher consumer expectations of digital offerings and application usage due to a sharp increase in online activities.More
Story image
Why legacy technology is swallowing too much of your IT budget 
Given the restrictions caused by legacy IT infrastructure, why are more organisations not pushing ahead with plans to rid themselves of the burden?More
Story image
42% of Australia’s older workers have lost their job or had hours reduced amid pandemic
Over half of older workers in Australia have been financially impacted by the pandemic, according to a recently released survey from Humanforce.More
Story image
Hybrid cloud is the ideal IT infrastructure model, says majority of IT execs
76% of surveyed IT decision-makers reported thinking more strategically about IT because of the pandemic, and nearly half (46%) have increased investments in hybrid cloud as a direct result of COVID-19.More