Govt sector facing most security breaches
Australian government and local authority organisations have reported the highest number of average breaches of all Australian organisations over the last 12 months, research from VMWare indicates.
A survey of CIOs and CISOs conducted for VMWare’s Cybersecurity Threat Survey Report found that government bodies have on average experienced 2.54 breaches over the past 12 months.
Government authorities faced a particular problem with “island hopping breaches” involving cybercriminals exploiting the weaknesses in small organisations to laterally target larger ones.
This type of attack was involved in 15% of breaches targeting the government and local authority sector, compared to 11% overall.
“Island-hopping is having an increasing breach impact with 11% of our survey respondents citing it as a main cause of breaches. In combination with other third-party risks such as third-party apps and the supply chain, it’s clear the extended enterprise is under pressure,” VMWare Carbon Black Cyber Security Strategist Rick McElroy said.
But across all sectors, OS vulnerabilities and third-party application compromise were the most common cause of breaches, affecting 18% of respondents.
The research found that economy-wide, 94% of Australian organisations reported attack volumes increasing in the last 12 months, while 96% reported suffering a security breach in the last 12 months, with the average organisation experiencing two breaches during that time.
Meanwhile, 88% reported that attacks have become more sophisticated, with 16% stating they have become significantly more advanced, and 96% plan to increase cyber spending in the coming year.
The research also found that Australian organisations are using an average of seven different security technologies to manage their security program.
Meanwhile, nearly all (98%) respondents report having security concerns around 5G. But despite these challenges, opinion is split on the need for security spending. 43% say they will need to increase security spending and controls, while 55% won’t be focusing their budgetary increases on securing 5G.
Building secure AI: a critical guardrail for Australian policymakers
While AI has the potential to significantly enhance Australia's national security, economic...
Building security-centric AI: why it is key to the government's AI ambitions
As government agencies test the waters of AI, public sector leaders must consider how they can...
State government agencies still struggling with securing user access
Audit reports have shown that Australian government agencies in four states experience challenges...