Australian data seems to be the favoured goal for cyber attackers, with organisations reporting the highest rate of data breaches throughout the globe in 2023.
This is one of the important thing Australian findings from the most recent analysis by Rubrik Zero Labs. The report discovered data breaches have been virtually 50 % extra frequent in Australia than the worldwide common.
Rubrik Zero Lab’s new “The State of Data Security: Measuring Your Data’s Risk” report provides insights on real-world dangers in opposition to data because the tempo and quantity of cyber occasions continues to extend globally, aided by the explosion of data within the cloud and the realities of trendy computing environments. Rubrik Zero Labs research the challenges organisations face to guard their crown jewels — their data — in addition to the best way to scale back data danger and put together for the evolving danger cycle earlier than, throughout, and after a cyberattack.
After surveying IT safety resolution makers at corporations with 500 or extra workers, the analysis discovered 82 % of native organisations experienced a cyberattack in 2023. Of these, data breaches have been probably the most prevalent model of assault comprising 54 % of incidents, in comparison with the worldwide common of 38 per cent. Business Email Compromise assaults have been the second commonest assault methodology, witnessed in 45 % of incidents.
Antoine Le Tard, Vice President, APJ at Rubrik, mentioned the findings confirmed cyber resilience – slightly than merely cyber prevention – was extra essential than ever.
“Australia is a mature market and early adopter of cloud and many enterprise security technologies. As such, local organisations have been investing heavily in perimeter security for the past decade, yet Australia holds the unenviable title of leading the world in data breaches,” Le Tard mentioned. “This shows it’s time to think beyond the perimeter and shift towards cyber resilience strategies.”
With many native organisations adopting hybrid environments to modernise their companies, assaults have been witnessed throughout all features of their infrastructure. Cloud environments have been probably the most focused in Australia, with 75 % of native respondents reporting malicious exercise. SaaS recorded the second most malicious exercise, reported by 60 % of respondents, adopted by on-premise infrastructure with 46 %.
“The cloud is a powerful business enabler but it comes with inherent risk – particularly with vulnerable sensitive data,” Le Tard mentioned. “According to Rubrik telemetry, there are a number of security blind spots when it comes to the cloud. Most data we see in a standard cloud instance is object storage – so it has far lower security coverage than other areas – yet more than a quarter of object storage data is sensitive data, such as protected health information (PHI) and personally identifiable information (PII).”
While data breaches have been the most typical assault kind experienced in Australia, ransomware accounted for greater than a 3rd (36 %) of native cyber incidents. In these instances, 97 % of enterprises reported paying a ransom to get well data or cease an assault. In 70 % of instances, a ransom was paid following an encryption occasion and in 54 % it was paid on account of extortion threats.
“The high percentage of businesses paying a ransom following an encryption event suggests many Australian organisations are placing too much faith in perimeter defences. They simply aren’t prepared to recover their own data following a successful attack,” Le Tard mentioned. “A comprehensive backup strategy is the best defence in these cases. It allows the victim to rapidly recover their own data without having to pay the attackers – but investing here often requires an organisation to accept breaches are inevitable.”
The Rubrik Zero Labs analysis unit pairs Rubrik telemetry throughout its buyer base of greater than 6,100 organisations with findings from a survey carried out by Wakefield Research of greater than 1,600 IT and safety leaders — half of that are CIOs and CISOs. Additionally, this examine integrated data from two Rubrik associate organisations and 5 different analysis organisations in an effort to supply probably the most goal findings. Additional key findings from the Australian data embrace:
- Throughout 2023, Australian organisations experienced a median of 28.17 assaults – on par with the worldwide common of 28.12. This determine encompasses all assault sorts together with enterprise e-mail compromise, data breach, ransomware, insider occasion, and inadvertent data publicity.
- In Australia, ineffective back-up and restoration options have been the second commonest limiting issue famous within the wake of a cyberattack (21 %), second to solely a scarcity of management involvement (22 %). An absence of safety experience throughout the organisation was famous by 17 % of Australian organisations.
- In the wake of an assault, the most typical motion Australian organisations took was to extend spending on new applied sciences or providers (77 %). This was notably larger than the worldwide common of 55 %.
To learn the complete report, go to https://rubrik.com/zero-labs.
Keep updated with our tales on LinkedIn, Twitter, Facebook and Instagram.