Australia lags in online security awareness

IT managers score low marks in APT preparedness when compared to global counterparts

Australian businesses have scored poorly in an international survey of preparedness for the new generation of security threats, according to a multi-national survey by Trend Micro.

An online survey of IT managers polled more than 2000 companies, each with 500 or more employees, in several countries—Australia, Canada, the United States, Germany, UK, France, Brazil, and India. 225 firms were surveyed in Australia.

The research canvassed a wide range of attitudes and approaches to security, such as enforcement of access rights, encryption of information, and understanding of Advanced Persistent Threats (APT), the latest form of targeted attacks aimed at larger organisations.

Australian firms consistently ranked poorly to comparison to other nations in most of the criteria, with the US and Canadian firms appearing to be better prepared for emerging cyber-threats.

Adam Biviano, Trend Micro ANZ’s head of strategic products, said the results were surprising.

“Australian organisations ranked lowest in key areas, such as the encryption of critical information, educating staff about targeted attacks, and a general understanding of APTs. Perhaps Australian IT managers feel that distance makes them safer and less of a target, but cyber-criminals know no boundaries and the increasing number of data breaches shows that any Australian company can be targeted,” he said.

Australia did do well in one area, however, with almost 95 percent of organisations surveyed having up-to-date security software deployed across their endpoints.

“Given that we are all about to be connected to a national network with basically unlimited bandwidth, we need to start taking the risks posed by these targeted attacks seriously. Otherwise we may start to miss out on some of the opportunities that will emerge,” said Mr Biviano.

Research highlights for the eight countries, with percentages of organisations surveyed: 

Have a documented process for handling security incidents

1st           USA                     93.0%

8th           Australia              80.4%

Critical information cannot be copied or saved onto endpoints

1st           USA                     89.9%

8th           Australia              79.1%

Critical information is encrypted

1st           US                       91.2%

8th           Australia              80.9%

Exchanging executables is prohibited via email and removable media

1st           Canada                 87.4%

6th           Australia               80.9%

Security software installed on client/server is always kept up-to-date

1st           Australia               94.7%

8th           Germany               88.1%

Understanding of how targeted attacks such as APTs work

1st           USA                      91.6%

8th           Australia               78.7% 

Security policy exists within the organisation, and is shared & communicated regularly with employees

1st           Canada                 95.6%

7th           Australia               84.4%

Regularly educating users on targeted attacks such as APTs

1st           UK                        87.3%

8th           Australia               72.9%    

Join the CSO newsletter!

Error: Please check your email address.

Tags security threatssurveyAdam Bivianoresearchtrend microsecuritycybercriminalsAPTTrendmicrotargeted attacksadvanced persistent threats (APTs)

More about ANZ Banking GroupAPTTrend Micro Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by CSO staff

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place