by Jennifer O'Brien

Most senior tech execs dealt with a security breach in last year

Apr 01, 2019
Business ContinuityComplianceData Center

The majority of CIOs, CTOs and CISOs said their organisations suffered a cybersecurity breach in the past 12 months, with 41 per cent breached between three to five times.

Carbon Black spoke to 250 c-level tech execs across financial services, healthcare, government, retail, manufacturing, food and beverage, oil and gas, professional services, and media and entertainment with 89 per cent indicating they had been breached.

The security vendor’s inaugural Australian Threat Reporthighlighted the challenges facing Australian businesses in the fight against cybercrime. It also identifies trends in hacking and malicious attacks and each organisation’s approach to strengthening defences through threat hunting.

“Our first Australian Threat Report exposes the hostile environment facing Australian businesses and underlines the fact that in today’s digital landscape breaches are all but inevitable,” said report author Carbon Black head of security strategy Rick McElroy.

Other key results found 81 per cent of surveyed Australian businesses reported an increase in cyberattacks – with 28 per cent having seen more than a 50 per cent increase in attack volumes.

And while enterprises of all sizes are being targeted, the bigger you are, the more threats you face, McElroy said.

The report found the average number of breaches per surveyed organisation is 4.28. It also revealed that 90 per cent of Australian businesses plan to increase spending on cyber defence.

Additionally, threat hunting is starting to gain traction among businesses. Over a quarter (26 per cent) have threat hunted for more than one year, the survey found. Over one third (38 per cent) said they’ve started in the past year. Within companies which actively threat hunt, 92 per cent said it has toughened their defences.

“We believe it’s no longer realistic to base security strategy on reactive defence. The inevitability of breaches puts pressure on organisations to start proactively detecting and neutralising attack vectors by improving visibility, hunting threats and developing effective counter- incident response,” McElroy said.

“Our research shows that threat hunting is starting to gain traction among businesses in Australia with 65 per cent of surveyed organisations having actively threat hunted in the past 12 months. Those organisations that are actively threat hunting are seeing a positive impact on their defences. Ninety two per cent of those who are actively threat hunting said their defences have strengthened.”

The report also said the scale of the challenge facing security teams is starting to provoke a response among budget holders, with 90 per cent of businesses across all sectors anticipating an increase in cyberdefence spending.

“This could hint at the start of a step change in security spending, as businesses get more realistic about the scale of the challenge they face. Certainly, it’s a shift that we believe is necessary if companies are to effectively manage the risk associated with operating on the internet today,” McElroy said.

Other findings show 88 per cent of respondents reported that the threats they are experiencing are growing in complexity – in fact 29 per cent said that attacks had become significantly sophisticated.

Specifically, 38 per cent of manufacturing and engineering companies said attacks have become significantly more sophisticated.

Describing the attacks that create the most havoc, the report highlights that nearly 1 in 5 (18 per cent) of data breaches were caused by ransomware, while 14 per cent originated from a 3rd party application attack and 12 per cent were breaches via a phishing attack.

Processes not being as strong as they should be accounted for 13 per cent and out of date security were the cause of a combined 11 per cent of breaches.

When asked what CIOs, CTOs and CISOs thought was the most effective and destructive type of cybercrime, 30 per cent of surveyed organisations said it involved ‘watering hole’ attacks where a website is compromised and pushes malware to visitors.

Destructive wiper attacks were in second position with 19 per cent of respondents citing them as the most destructive method; with integrity attacks, where the value of sensitive data is altered was third with 16 per cent. Fifteen per cent said island hopping (only seven per cent of respondents mentioned DDoS).

Furthermore, malware was said to be the most prolific attack type experienced by surveyed Australian businesses, with 29 per cent naming it the most frequently encountered.

Emphasising the diversity of the threat environment, Google Drive was in second place with 15 per cent and ransomware was in third place with 12 per cent. Destructive attacks like wiper was eight per cent, cryptojacking eight per cent and breach via the supply chain was six per cent.

Part of the answer, according to research commissioned by the security vendor, said IT leaders need to strengthen defences through ‘threat hunting.’