SYDNEY, 19 June, 2017 – Australian organisations are lagging behind their regional counterparts when it comes to having security controls that are adaptive based on risk, with few able to anticipate the risk of a breach before it occurs.
This highlights a significant disconnect with the fact that more than half of Australian organisations believe that the number of security breaches has increased in the last 12 months.
In a global study by CA Technologies; The Security Imperative: Driving Business Growth in the App Economy, a low 37 per cent of Australian organisations reported employing proactive or predictive processes to detect data breaches; a stark comparison to our regional counterparts in Singapore, (75 per cent) and Korea (60 per cent). Further, 21 per cent of Australian organisations say that their approach to detecting data breaches only includes an ‘occasional review of activity reporting’.
“There’s no doubt that good identity-centric security strategy helps a business to accelerate its digital transformation journey. With data breaches becoming more frequent and more mature, identity-centric security needs to be incorporated right from day one, as a core technology enabler rather than bolted on as an IT afterthought,” said Teng Sherng Lim, vice president, Security, CA Technologies, Asia Pacific and Japan.
When it comes to identity and access management (IAM), none of the Australian organisations surveyed said their controls are adaptive based on risk, with the majority of controls being centralised or automated (67 per cent) and the remaining 33 per cent employing manual controls.
A correlation can be drawn between these figures and the impact of IT security efforts on business KPIs with Australia’s results again, by-and-large below the regional average. In particular, the areas of employee productivity (37 per cent), customer satisfaction (40 per cent), operational efficiency (35 per cent) and importantly business growth (41 per cent) paint a picture of little improvements.
“Disruptions – and in this case security breaches – are coming to every industry. For Australian organisations to succeed and in fact last, they need to be built it to change. This means not only keeping up, but constantly innovating and continuously improving. Employing advanced identity-centric security isn’t optional, it’s imperative,” said Lim.
The number of compliance audit failures was also reported to have improved by only 35 per cent based on IT security efforts, which compares starkly to Thailand at 57 per cent.
On a regional level, those with advanced identity-centric security reported a 35 per cent decrease in breaches, compared to only 12 per cent of basic users. Additionally, advanced users of identity-centric security that have seen a decline in breaches have been much more proactive in preventing breaches through increased investment and focusing on mobile devices and apps.
The study polled 1,770 senior business and IT executives worldwide, of which more than 100 are chief security officers and chief information security officers. 799 of the respondents were from countries in the APJ region.
• The Security Imperative: Driving Business Growth in the App Economy
• The Security Imperative Infographic
About the Research/Coleman Parkes
Conducted by Coleman Parkes, the study included 1,770 senior business and IT executives, including more than 100 CSOs and CISOs, from large enterprises across 21 countries and 10 industry sectors. The study and data analysis was done from May – September 2016. Coleman Parkes Research Ltd, formed in 2000, provides action-focused marketing research on a global scale. The company offers a full research and consultancy service across all markets, while specialising in business-to-business research with a focus on IT, technology and communications research. For more information, please visit www.coleman-parkes.co.uk.
About CA Technologies
CA Technologies (NASDAQ:CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments. Learn more at www.ca.com.
Copyright © 2017 CA, Inc. All Rights Reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.
Belinda Truong Hill+Knowlton Strategies Ph: 02 9286 1243 M: +61 401 384 693 E: Belinda.email@example.com
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.