A review of the year’s cyber incidents and data breaches so far presents a “damning condemnation of corporate Australia” says CEO of Security In Depth, Michael Connory. In the first six months of 2019, 3,396 organisations have reported an attack, the true figure potentially being far higher considering many will be unaware they have been compromised, Connory’s report notes. There have been 903 data breaches in 2019 to date, 450 of which were major enough to report to the Office of the Australian Information Commissioner, a huge increase on the previous six month period. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe Despite new legislation has been introduced and adopted such as the Notifiable Data Breaches act 2017 and the APRA Prudential StandardCPS 234, within major companies “sadly, very little has changed” in terms of their approach and response to cyber threats Connory says. “Taking into consideration the variables of these figures, they paint a disturbing picture for Australia and the failures of corporates and government to heed the warnings that have now become a tidal wave of despair,” the CEO said. More than half (55 per cent) of Australian organisations have no cyber security governance in place, the Security In Depth survey of 1,894 businesses found. Some 38 per cent did not provide any cyber awareness training to staff, despite 71 per cent of breaches being the result of human error (90 per cent beginning with an email). The survey – claimed to be the largest, most comprehensive cyber research project undertaken in Australia – found 63 per cent of local companies“have no idea” how to respond to a cyber incident. The majority (84 per cent) were found to “blindly trust third parties” with data holdings and didn’t review their maturity or security policies. “The report is a sad and disturbing indictment of Australia as a country that either refuses to address the fastest growing problem globally or we are just simply foolish, na?ve or arrogant to believe we don’t need to address this problem,” Connory said. Some simple steps could help reduce the threat and impact of cyber incidents, Connory added, namely: improved training, better co-ordination and communication between the IT department and the rest of the organisations and greater input from the board to improve cyber governance. Related content feature 10 digital transformation questions every CIO must answer Impactful DX requires a business-centric approach supported by the right skills, culture, and strategy. Here’s how to assess whether your digital journey is on the path to success. By Mary K. Pratt Sep 25, 2023 12 mins Digital Transformation IT Strategy IT Leadership feature Rockwell Automation makes shift to ‘as-a-service’ model Facing increasing competition from cloud hypervisors that see manufacturing as prime for disruption, the industrial automation giant has undertaken a major transformation to add subscription software services to its core business. By Paula Rooney Sep 25, 2023 6 mins Manufacturing Industry Digital Transformation IT Strategy brandpost Fireside Chat between Tata Communications and Tata Realty: 5 ways how Technology bridges the CX perception gap By Tata Communications Sep 24, 2023 9 mins Emerging Technology feature Mastercard preps for the post-quantum cybersecurity threat A cryptographically relevant quantum computer will put everyday online transactions at risk. Mastercard is preparing for such an eventuality — today. By Poornima Apte Sep 22, 2023 6 mins CIO 100 Quantum Computing Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe