Understanding the state of Australia’s cybersecurity efforts
AUSTRALIAN businesses are at a higher risk of cyberattacks than their peers, and they need better cybersecurity solutions to counter the threats.
Although cybersecurity experts are proving quite efficient at battling digital threats, it seems as though they could do with a little help from automation and artificial intelligence (AI).
According to a new study, 81 percent of Australian companies are facing more than 5,000 threats per day — and 33 percent see anywhere between 100,000 to 150,000 threats per day.
In comparison, 37 percent of companies across the world face 5000 or less cyber threats per day, whereas only 10 percent face between 100,000 to 150,000 daily threats.
Obviously, the country attracts the attention of many hackers.
In fact, according to a recent investigation by Australian broadcaster Nine News and Fairfax Media, China is to blame to a certain degree for the increase in cyberattacks on Australian businesses. It allegedly orchestrated several attacks this year despite signing a bilateral agreement pledging not to steal each other’s commercial secrets.
Australian businesses put up a good fight
Fortunately, Australia’s cybersecurity experts have proved to be quite effective in combating these online and digital threats.
According to the study, 72 percent of alerts are investigated — which is well ahead of the regional and global benchmarks (both standing at 56 percent).
The next step for the country’s cyber defenders is to ensure that they are working on the right items, especially given the vast number of alerts they have to address.
Reports suggest that 65 percent of the alerts that are investigated turn out to be legitimate, which is by far the highest in the region and higher than both the global benchmark (34 percent) and the regional standard (44 percent)
However, it does mean that 35 percent of the remaining alerts false alarms, so not only is malware getting through the pile of logs that are not attended to, but a vast amount of valuable work is being done on files that don’t need it.
The percentage of legitimate alerts that are eventually remediated is 69 percent, which is again ahead of the global (50 percent) and Asia Pacific (53 percent) benchmarks. This leaves 31 percent of legitimate alerts not remediated and in need of improvement.
A growing need for cybersecurtity automation
According to the report, the cost of a breach is highest in Australia with 52 percent reporting that an attack costs between USD$1 to US$5 million, compared to Japan (23 percent) and India (25 percent) and that a full 9 percent reported costs of more than USD$10 million.
However, it’s reassuring to learn that 81 percent of Australian respondents report that they reacted to a breach with improvements in security threat defense policies, procedures, or security technologies.
Unfortunately, Australian companies seem to be using solutions from a number of cybersecurity vendors (with 12 percent reportedly working with up to 50 vendors) which creates architectural challenges and results in cyber fatigue.
In fact, according to the report, Australian defenders (69 percent) are third in the region after Japan and Thailand when it comes to reporting cyber fatigue, where defenders have basically given up trying to stay ahead of malicious threats and actors.
The cyber fatigue suggests that despite the number of tools and vendors that defenders in Australia are deploying, there is room for more automation, perhaps through an architectural approach.
Experts believe that cyber fatigue could be reduced with a re-examination of an integrated security architecture as an enabler of an automated response — but are positive about the efforts that Australian businesses are making to combat cybercrime.
The fact is, Australia is on a mission to be digital and mobile first, with several businesses quickly moving up the digital maturity curve and many city and state governments working on digital initiatives for the public.
According to reports, cybercrime costs the Australian economy over US$4.5 billion annually, and companies and government entities need to make a conscious effort to tackle cybercrime in order to avoid hindering the nation’s progress on the road to better and smarter digital products and services.