Less than one in five leaders in information technology have ongoing cybersecurity awareness programmes in place, while just a quarter invest in annual cyber training, the HLB Cybersecurity Report 2023 has found.
The fourth edition of the report – released during the Federal Government’s Cyber Security Awareness Month – surveyed 750 senior IT professionals globally. It provided a snapshot of the current cyber-threat landscape and highlights the key actions leaders have taken since 2020 to become cyber-resilient.
The report found 50 per cent of business leaders saw an increase in cyber-attacks over the past 12 months, with another 35 per cent indicating the attack levels stayed the same as last year. Cyber-attack frequency and sophistication continue to increase proportionally to organisations’ digitisation efforts, with an estimated 1248 attacks per week worldwide.
Sixty-two per cent of leaders expect cybersecurity risks to become even more prominent over the coming five years, with the democratisation of malicious software, the rapid pace of digital transformation, ongoing geopolitical conflicts, and economic uncertainty combining to create the perfect environment for hackers.
The report findings are a stark reminder that many organisations remain unprepared for the financial and reputational impacts of a cyber breach.
Australia has unfortunately recorded a number of very high-profile cybersecurity breaches in recent years, including Canva, Optus, Medibank and Latitude Financial Services. These four companies are across four different sectors, and are just the tip of the iceberg in terms of total number of companies subjected to a breach.
All businesses – irrespective or size, sector or structure – need to be sufficiently prepared and ensure processes are watertight, appropriate budgeting is allocated, and staff and management are routinely trained in best-practice cyber techniques.
Business owners, company boards and senior executives are ultimately accountable, but everyone has a role to play in safeguarding operations against an attack, which are becoming more prevalent, despite increased awareness.
An emerging trend observed in the findings is the impact artificial intelligence (AI) will have on operations, with 47 per cent of IT professionals surveyed indicating they are concerned about AI-related attacks and have implemented corresponding defence strategies.
One third of respondents (34 per cent) said they are aware of a variety of AI-enabled security tools in the market, however they are yet to explore the option of deploying them. Further, 89 per cent of leaders are concerned with the current pace of technological innovation, particularly in generative AI, and the potential increase in cyber-related risk, of which 34 per cent are very concerned.
AI is an exciting development for businesses, including our own, however as with all untested advances, organisations can achieve the best security outcomes by combining technological innovations with ongoing investments in people and processes.
Cybersecurity automation solutions can help organisations respond faster to data breach events, but exclusively relying on machines to prevent an attack could have disastrous consequences.
This article was first published in the 2023-24 Summer Issue of Financial Times.