Cyber security breaches in Australia increased by more than 25 per cent in 2017, despite Australian businesses raising the ante with a 25 per cent increase in security spending over their 2016 expenditures, according to research from Accenture and the Ponemon Institute.
Although Australian businesses were subjected to an average of 53 security breaches last year, the study showed this compared favourably to the global average of 130. In Australia the most expensive attacks were reported to be malicious insiders, and phishing and social engineering, averaging $136,804 and $112,902 per incident, respectively.
As part of the ‘2017 Cost of Cyber Crime Study’, 2182 interviews were conducted with employees from 254 companies in Australia, the US, Germany, Japan, the UK, France, and Italy.
The 169 interviews in Australia found that the most common technologies to combat cyber crime in use today are security intelligence systems (64 per cent), and advanced identity and access governance (60 per cent). Although artificial intelligence (AI) and advanced analytics have been found to produce some of the highest levels of cost savings in the area of cyber security, only 24 per cent and 32 per cent of companies respectively have adopted these technologies.
Consequences of cyber attacks are dire, with Australian survey respondents reporting that information loss is one of the most expensive consequences (32 per cent), second only to business disruption (41 per cent).
The study recommends three steps for Australian companies to improve their cybersecurity:
• Invest in basics such as security intelligence and advanced access management.
• Invest in new technologies, specifically advanced analytics and artificial intelligence, to stay ahead of the hackers.
• Undertake extreme pressure testing to identify vulnerabilities, not simply rely on governance, risk, and compliance (GRC).
“With cyber incidents on the rise, and ever evolving in terms of scale and sophistication, Australian businesses should ensure they are appropriately prepared. It is encouraging to see strong investment in this field; however, it is clear that businesses should consider the targeted deployment of advanced analytics and artificial intelligence in their cyber defences,” said Josh Kennedy-White, managing director, Accenture Security, Asia Pacific.