
Cyber threats in Australian firms prompt zero trust shift
Research by Zscaler reveals concerns regarding potential cyber breaches in Australian organisations by 2025, with many firms documenting recent significant failure scenarios.
The study highlights a discrepancy between the confidence of IT leaders in their current cybersecurity measures and the actual effectiveness of these strategies. Specifically, while 97% of Australian IT leaders believe their measures are effective, only 32% of them have strategies updated for modern attacks, including those involving AI threats.
ASIO's Annual Threat Assessment notes Australia's growing security vulnerability, exacerbated by technological advancements like AI, indicating a pressing need for organisations to prioritise their security architecture. In this context, the Zscaler report suggests adopting a zero trust architecture.
The report indicates that 52% of IT leaders in Australia believe investments in cyber resilience strategies are inadequate, revealing a gap between perceived importance and actual financial commitment. Meanwhile, only 39% of these leaders report active involvement of the Chief Information Security Officer (CISO) in resilience planning.
The focus of cyber security strategies appears to be misaligned, with 43% of budgets dedicated to prevention to the detriment of response and recovery. This imbalance leaves firms unprepared for potential failures, impacting their recovery capabilities.
Jay Chaudhry, CEO, Chairman and Founder of Zscaler, describes major organisational failures as inevitable, stating, "The possibility of a major failure scenario for organisations is not an 'if' but 'when', as the statistics in our report show. It proves the need for proactive resilience to combat and mitigate inevitable incidents before they become a significant issue for business continuity. Proactive resilience is essential to address incidents before they threaten business continuity. Cyber resilience is foundational to overall business resilience, and outdated firewalls and VPNs allow persistent attacks, making a zero trust architecture crucial for defending against advanced threats. Leadership must collaborate with IT teams to develop a strong cyber resilience strategy based on Zero Trust, preparing for and mitigating the impact of sophisticated AI-driven attacks. We call this becoming 'Resilient by Design'."
Moreover, Zscaler's findings demonstrate that more than half of Australian IT leaders feel their organisations disproportionately prioritise preventive measures. Prevention accounts for a significant portion of security spending, potentially compromising the firm's ability to recover efficiently from cyber incidents. The study stresses that initiatives such as risk hunting, micro-segmentation, and deception technologies, key for containing attack impacts, are inadequately deployed.
Eric Swift, Vice President and Managing Director, ANZ at Zscaler, underscores the urgency required in resilience planning. He states, "With the evolving threat landscape and our report finding 48% of Australian organisations experienced a significant failure scenario in the past six months, a robust and proactive resilience strategy is now more critical than ever. We're regularly identifying Australia among the top targeted countries for ransomware, phishing, and encrypted attacks, and with the report showing 75% of organisations are anticipating a breach, the 'Resilience Factor' is crucial. The Australian government's recent direction to prevent installation and use of DeepSeek from all government devices, citing security concerns, underscores the importance placed on national resilience. This decisive action reflects a broader commitment to safeguarding against emerging threats and highlights the necessity for organisations to align their security frameworks with evolving regulations to enhance resilience in an increasingly complex threat landscape."
Zscaler's report advises organisations to embed comprehensive visibility and control into their cyber resilience strategies, using AI-powered platforms to adapt dynamically to risks and enhance their security posture effectively. Their Zero Trust Exchange model focuses on minimising attack surfaces, preventing initial compromises, eliminating lateral movement, and preventing data loss to support their 'Resilient by Design' approach.
This survey by Zscaler was conducted in December 2024 by Sapio Research and involved 1,700 IT decision makers from 12 different countries, targeting companies with over 500 employees across various industries.