Cyber risk report highlights decline in Australia malware

Trend Micro has released the Trend 2025 Cyber Risk Report, indicating a continued decline in its Cyber Risk Index score.

The report is based on data from Trend Micro's platform on cyber risk events and detections across various regions and industries. It particularly highlights Australia as a leading country in malware detections globally.

Andrew Philp, ANZ Field CISO at Trend Micro, stated, "Trend customers are embracing our vision for proactive security by using the AI-powered Trend Vision OneTM Cyber Risk Exposure Management to identify risk and prioritise mitigations. By getting on the front foot, they can build resilience, rapidly contain threats, and become more time and resource-efficient. It's an approach that any organisation can emulate with the right mindset and tooling."

Throughout the year, the Cyber Risk Index (CRI) score saw a steady decline from 42.5 in February to 36.3 in December, reflecting progress in cyber risk reduction. The CRI score is a measure of the risk level faced by organisations, categorising them into low, medium, or high risk. Organisations remain in the Medium Risk zone, but the decline suggests a shift toward continuous security assessment and risk-based decision-making.

The report identifies risky cloud app access as the highest-risk event, followed by issues with "stale Microsoft Entra ID accounts." Email, user account, and credential-related risks, predominantly due to misconfigurations, also feature prominently. Notably, over a billion organisations were found to have multi-factor authentication disabled on Entra ID Accounts, indicating a need for improved identity security measures.

Patch management data reveals that Europe and Japan recorded the fastest average mean time to patch (MTTP) for high-severity vulnerabilities, at 23.5 days and 27.5 days respectively. The non-profit and technology sectors were the fastest to patch, while healthcare and telecoms were the slowest. Trend Micro provides virtual patches for customers, which often arrive ahead of official vendor updates.

The report's industry analysis pinpoints education, agriculture, and construction as the sectors with the highest CRI scores in 2024, making them the most exposed. Regionally, Europe led in improvements, with a seven-point reduction in CRI possibly driven by regulatory measures such as NIS2 and DORA.

Ransomware remains a significant threat, with LockBit, RansomHub, and Play ransomware causing the most breaches in 2024. Organisations with above-average CRI scores are notably more vulnerable, being around 12 times more likely to experience a ransomware breach.

The report also discusses emerging threats facilitated by artificial intelligence, including AI-assisted deepfake phishing, virtual kidnapping scams, and automated reconnaissance. On a more positive note, AI technologies are also supporting network defence efforts, such as through Trend Cybertron's predictive capabilities.

Trend Micro advises organisations to lower their CRI by optimising security settings, utilising native sensors and third-party sources for comprehensive attack surface analysis, and ensuring proper account management. Regular application and operating system updates are also recommended to maintain security integrity.