Australia lags in online security awareness

IT managers score low marks in APT preparedness when compared to global counterparts

Australian businesses have scored poorly in an international survey of preparedness for the new generation of security threats, according to a multi-national survey by Trend Micro.

An online survey of IT managers polled more than 2000 companies, each with 500 or more employees, in several countries—Australia, Canada, the United States, Germany, UK, France, Brazil, and India. 225 firms were surveyed in Australia.

The research canvassed a wide range of attitudes and approaches to security, such as enforcement of access rights, encryption of information, and understanding of Advanced Persistent Threats (APT), the latest form of targeted attacks aimed at larger organisations.

Australian firms consistently ranked poorly to comparison to other nations in most of the criteria, with the US and Canadian firms appearing to be better prepared for emerging cyber-threats.

Adam Biviano, Trend Micro ANZ’s head of strategic products, said the results were surprising.

“Australian organisations ranked lowest in key areas, such as the encryption of critical information, educating staff about targeted attacks, and a general understanding of APTs. Perhaps Australian IT managers feel that distance makes them safer and less of a target, but cyber-criminals know no boundaries and the increasing number of data breaches shows that any Australian company can be targeted,” he said.

Australia did do well in one area, however, with almost 95 percent of organisations surveyed having up-to-date security software deployed across their endpoints.

“Given that we are all about to be connected to a national network with basically unlimited bandwidth, we need to start taking the risks posed by these targeted attacks seriously. Otherwise we may start to miss out on some of the opportunities that will emerge,” said Mr Biviano.

Research highlights for the eight countries, with percentages of organisations surveyed: 

Have a documented process for handling security incidents

1st           USA                     93.0%

8th           Australia              80.4%

Critical information cannot be copied or saved onto endpoints

1st           USA                     89.9%

8th           Australia              79.1%

Critical information is encrypted

1st           US                       91.2%

8th           Australia              80.9%

Exchanging executables is prohibited via email and removable media

1st           Canada                 87.4%

6th           Australia               80.9%

Security software installed on client/server is always kept up-to-date

1st           Australia               94.7%

8th           Germany               88.1%

Understanding of how targeted attacks such as APTs work

1st           USA                      91.6%

8th           Australia               78.7% 

Security policy exists within the organisation, and is shared & communicated regularly with employees

1st           Canada                 95.6%

7th           Australia               84.4%

Regularly educating users on targeted attacks such as APTs

1st           UK                        87.3%

8th           Australia               72.9%    

Tags surveysecurity threatsAdam Bivianosecuritytrend microresearchcybercriminalsAPTTrendmicroadvanced persistent threats (APTs)targeted attacks

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Trust Authority

Reduce complexity and increase trust for public cloud service providers and their customers.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.