sb-eu logo
Story image

Cyber attacks keeping business leaders up at night, new research finds

Data breaches and insider threats are keeping organisations up at night, according to new research from KnowBe4, the security awareness training and simulated phishing platform.

In its survey, KnowBe4 looked at six different perspectives of security concerns, including attack types, security initiatives, compliance security, user-related issues, resource issues and executive-level concerns.

The global survey had a total of 914 respondents from Australia, the UK, Germany, the Netherlands and South Africa, with 114 organisations across Australia participating and coming from the top five verticals in technology, engineering, education (K-12), government and transportation.

The survey found that concern for negligent users plays a huge role in what Australian organisations are uneasy about when it comes to security, with concerns over cyber attacks increasing 443%.

In Germany and the UK, negligent users also topped the list for organisations, with concerns over cyber attacks increasing 206% and 125% respectively in the mentioned markets.

Despite high levels of concern for negligent users, 58% of Australian organisations have security awareness training implemented.

When it comes to attack types, data breaches are at the top of the list for attack types, with 78% of Australian organisations expressing some degree of concern.

Insider threats (73%) and credential compromise (71%) were the top two and three attack types that concerned Australian organisations respectively.

Ransomware (63%) and shadow risk (75%) topped the list of attack types concerning organisations in Germany and the UK respectively.

Ensuring security is in place that meets compliance requirements is still a challenge for 72% of Australian organisations, despite the regulation details being out for quite some time.

Executive support remains an issue for 65% of Australian organisations, impacting adequate budget, implementing solutions and maintaining relationships with key vendors.

In Germany and the UK, the issue of executive support was slightly lower at 52% and 56% respectively. Monetary loss topped the list as a major concern for Australian C-level executives at 59% followed by business disruption at 55% and significant data breach at 45%.

In Germany and the UK, data breach and loss of customers were C-level executives greatest concerns’ which both recorded at 42% in both countries.

KnowBe4 managing director Australia Karina Mansfield says, “Concerns over cyber attacks have increased exponentially because the threat actors are getting even more sophisticated and persistent.

“COVID-19, which has forced many organisations to move to a remote workforce, has seen a rise in cyber criminals going on the offensive and taking advantage of the situation.”

Mansfield says, “I was happy to see that over half of the organisations we surveyed in Australia had implemented security awareness training as part of their overall security programs, but training needs to be consistent and frequent in order to be effective.

“When addressing the issues that most concern our cybersecurity workforce, a few important points to remember are to have and execute a security strategy, get executive buy-in, obtain necessary budget and implement a security culture.”