There is no doubt that connectivity and technology provide great benefits for society and the economy today, and the full potential and benefits are yet to be fully realised. However, with this benefit comes some risks and as more of the world embraces technology and connectivity the risk increases. It is critical that individuals and organisations need to be able to manage this risk.
In the intangible world of cyber space, where neither the assets we value, nor the threats, are visible, it can be a struggle to understand how to manage these risks.
The continual increase in connectivity and the rapid uptake in new technologies means that crime, espionage, protest and even mistakes can happen at a pace, scale and reach that is unprecedented. That makes cyber security a significant issue, one of global importance that no individual or organisation can handle alone.
Telstra today released its 2016 Cyber Security Report, which aims to assist organisations in the Asia Pacific region to better manage and mitigate their business risks by sharing our knowledge of the evolving security landscape.
This report shares our knowledge and insights about the cyber security risk identified by businesses in Australia and the Asia Pacific region. Among our findings are:
• 23.7 per cent of Australian organisations surveyed detected a business interrupting security breach during an average month. This is more than twice as often as 2014 (10 per cent);
• The Asia Pacific region experienced an even higher level of security incidents with 45.5 per cent of surveyed organisations impacted by a security incident during an average month;
• Organisations that attribute responsibility to C-level or business line managers and conduct frequent cyber security briefings are better positioned to handle security incidents;
• Ransomware and particularly phishing emails continue to rise in Australia and disrupt business operations; and
• Nearly half of Australian organisations have not yet put in place the tools to track and monitor shadow IT which is leaving organisations exposed to potential valuable data loss.
Businesses who approach cyber security as an IT risk rather than a business risk will struggle and in many cases fail to appropriately manage the risk. A business risk view with the right mix of people, processes and technology is essential for companies to manage the risks and reap the benefits of the digital world.
It is our hope that the report will improve awareness about the nature of the cyber threat and help organisations make vital cyber security decisions that minimise the cyber security risk to their business.