The extent of the security problem is revealed in a report from Telstra that shows almost 60% of organisations in Australia surveyed detecting a security incident on at least a monthly basis in 2016.
According to Telstra’s Director of Security Solutions, Neil Campbell, as the number and variety of connected devices and applications continued to proliferate, and the Internet of Things and virtual cloud environments emerged, the surface area for cyber security threats has been growing rapidly as well.
“We are seeing increases in security risks across the board. More than half of all businesses experienced a ransomware attack last year, 30% of Australian businesses surveyed have had a business email compromise and the number of distributed denial of service (DDoS) networks attacks are up by more than 200%,” Campbell says.
The security report comes as Telstra announced it would be opening new security operations centres in Sydney and Melbourne later this year as it launches a new suite of managed security services.
“These are the first steps in our security product roadmap. We are building on Telstra’s capabilities in network security, recently augmented with the acquisition of security analytics business Cognevo, and our relationship with leading global partners, including companies on the Telstra Ventures portfolio like Zimperium and vArmour, to grow our positon in the $2.5 billion Australian security services market.”
Campbell says Australian businesses must take steps to protect themselves against cyber security threats.
“Cyber security is a team sport requiring business, government, communities and consumers to work together to create a more cyber secure nation. As Australia’s largest provider of telecommunications services, we know Telstra has a big role to play here and we are investing in new services and capabilities to help Australians secure their businesses and personal data.”
The research by Telstra found that ransomware was the most downloaded malware in the Asia Pacific region in 2016, with approximately 60% of Australian businesses experiencing at least one ransomware incident in the last 12 months and 24% experiencing one a month.
And of the respondents who experienced a ransomware incident, organisations based in Australia were more likely to pay the ransom than those in Asia. However, one in three Australian organisations that paid a ransom did not recover their files.
“Many organisations are choosing to pay a ransom which can be a significant sum of money in the hope to restore their business operations. The reality is there is no honour among thieves and even if you pay the ransom there is no guarantee you will regain your files or rid yourself of the malicious software,” Campbell says.
The report also looks at what Telstra says is the growing importance of security for executives.
Consistent with the growing threat and security readiness and maturity within Australian businesses, the report found that executive involvement in cyber security initiatives had increased significantly in the past 12 months and most businesses were planning to increase their IT security spending.
“Security issues are quickly gaining in prominence among the leadership of Australian businesses. The number of businesses where C-level were directly responsible for their organisations security grew from 19% in 2015 to 61% in 2016,” Campbell said.
“The report also confirms that over 60% of senior executives across the Asia-Pacific region have a high or very high involvement in their organisation’s cyber security initiatives.”