Australian organisations are now preventing 87 per cent of all focused cyberattacks, up from 70 per cent in 2017, according to a new study from Accenture.
This has been achieved despite the average number of focused attacks per organisation within Australia almost doubling this year to 232, compared to 106 for the previous 12 months.
Joseph Failla, Accenture security lead for Australia, said that while organisations are clearly dong a better job of preventing data from being hacked, stolen or leaked, there is still more work to do.
“Building and allocating investment for security measures must be a priority for those organisations who want to close the gap on attacks even further. And for those who are successful, reaching a sustainable level of cyber resilience could become a reality in the next two to three years,” Failla said.
The study, which surveyed 4600 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries, found that while external incidents represent an increasing threat, two of the top three cyberattacks with the highest frequency and greatest impact within Australian organisations are internal attacks and accidentally published information.
While Australian organisations realise the benefits of investing emerging technologies, more than half (53 per cent) of Australian respondents cited legacy infrastructure as causing the biggest challenge in moving forward, compared to 45 per cent globally. Australian organisations also nominated cyber threat analytics (43 per cent) and security monitoring (48 per cent) as the most necessary capabilities to fill gaps in their cybersecurity solutions.
The research also found that it is taking less time to find and remediate breaches: 44 per cent of Australian organisations are able to find breaches between 1-7 days after they occur, and 41 per cent can remediate a breach in 30 days or less. However, security teams are still only finding 57 per cent of breaches. For attacks they have been alerted to by others, Australian respondents said that it was found by white-hat hackers in 48 per cent of cases, and by a peer or competitor in 62 per cent of cases.
Accenture also recommended five steps Australian organisations can take to achieve cyber resilience, including:
1. Build a strong foundation. Identify high value assets and harden them. Ensure controls are deployed across the organisation, not just the corporate function.
2. Pressure test resilience like an attacker. Enhance red defence and blue defence teams with player-coaches that move between them and provide analysis on where improvements need to be made.
3. Employ breakthrough technologies. Free up investment to invest in technologies that can automate defences.
4. Be proactive and use threat hunting. Develop strategic and tactical threat intelligence tailored to your environment to identify potential risks. Monitor for strange activity at the most likely points of attack.
5. Evolve the role of CISO. Develop the next generation CISO to be heavily involved in the business.
To learn more about the study, download 2018 State of Cyber Resilience Executive Summary.