Report: Data breaches on the rise, Australian businesses ill-prepared

​Data loss and the theft ​of confidential information incidents rose by 78.68 per cent in 2018

Data loss and theft continues to rise, yet two-thirds of organisations in Australia do not have a team or capability to respond to cyber security incidents.

According to the 2018/2019 BDO and AusCERT Cyber Security Survey, data loss and the theft of confidential information incidents rose by 78.68 per cent in 2018 compared to 2017, and data breaches experienced through third-party providers and suppliers also rose by 74.3 per cent.

Between 2017 and 2018 alone, professional and technical service organisations have seen a 300 per cent increase in data breaches via third-party providers and suppliers, and a 670 per cent increase in data loss and theft of confidential information. However, no professional and technical services respondents to the survey perceived an incident caused by a third party as a threat, indicating incidents were likely to have occurred, but were not detected.

Although cyber criminals are the most common sources of cyber attacks, respondents also reported a significant increase in suspected attacks from foreign governments and nation states, with 64 per cent of data breaches caused by malicious or criminal attacks, while 33 per cent could be attributed to human error.

While most organisations were confident in meeting compliance regulations as outlined by recently introduced cyber security and data privacy legislation, 66 per cent of businesses surveyed have no predefined plan or capability to contain, eradicate and recover from cyber security incidents.

On average, the cost to an Australian organisation for a data breach is almost $US2 million. The potential for huge financial implications is one reason 86.4 per cent of survey respondents indicated they expected to have a cyber security awareness plan in place within the next 12 months. By 2020, 84.8 per cent of respondents plan to implement regular cyber security risk assessments.

Respondents are anticipating data loss and theft of confidential information to be the most prevalent threat in 2019 and beyond, with respondents expecting attacks coming from activists (80%), insiders (68%), or foreign nationals (10%).

Recent high-profile cyber breaches at Dell, HealthEngine and PageUp have exposed Australia’s vulnerability to data-related breaches and prompted calls for greater investment in cyber security awareness and incident management in the professional services domain.

A recent Customer Loyalty 2018 Report by Gemalto also found Australian consumers are more likely than their global counterparts to walk away from a company (retail, financial or healthcare) that experiences a breach, with over two-thirds (70 per cent) admitting they would look elsewhere if financial and sensitive information such as card details and bank accounts were stolen. Over half (55 per cent) admitted they would also walk if passwords alone were stolen.

The report found retailers (62 per cent), social media sites (57 per cent) and banks (53 per cent) are most at risk of suffering the consequences of a breach, with Australian consumers prepared to avoid their business in future. Two-thirds of Australian consumers are worried that at some point their online personal information will be stolen.

BDO’s national cyber security leader, Leon Fouche, said all industries needed to ramp up their focus on employee education and training to empower their people to take action.

“While recent compliance regulations have boosted data breach notification numbers and industry leaders have endorsed the implementation of more comprehensive resilience measures, many Australian organisations do not have the capability to detect a breach or respond to it in a manner that contains cost and reputational damage,” Fouche said.

“Sophisticated cyber attacks and data breaches sit alongside weapons of mass destruction and natural disasters in terms of their ability to disrupt and damage; however, in many business cases, the focus on preventative measures has far outweighed response or incident management.

“Every organisation should have a pre-defined plan, which is regularly tested, to ensure that everyone in the organisation knows what to do and how to respond to cyber security incidents.”

The most common vehicle for cyber attack remained phishing, which accounted for 20.19 per cent of all cyber security incidents experienced in 2018 and has been trending upwards since the inaugural BDO and AusCERT Cyber Security Survey in 2016. Phishing was followed by malware (14.08%) and ransomware attacks (9.39%).

“That’s why education and training are so important. Employees need to be given the knowledge to detect a potential cyber attack and the tools to respond if they suspect there has been a breach or they have inadvertently disclosed sensitive information,” Fouche said.

The survey examined the cyber security risks and realities experienced by more than 500 board, business and IT executives across Australia and New Zealand.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, join us on Facebook: https://www.facebook.com/CMOAustralia, or check us out on Google+:google.com/+CmoAu  

 

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Latest Videos

Conversations over a cuppa with CMO: Microsoft's Pip Arthur

​In this latest episode of our conversations over a cuppa with CMO, we catch up with the delightful Pip Arthur, Microsoft Australia's chief marketing officer and communications director, to talk about thinking differently, delivering on B2B connection in the crisis, brand purpose and marketing transformation.

More Videos

Hey there! Very interesting article, thank you for your input! I found particularly interesting the part where you mentioned that certain...

Martin Valovič

Companies don’t have policies to disrupt traditional business models: Forrester’s McQuivey

Read more

I too am regularly surprised at how little care a large swathe of consumers take over the sharing and use of their personal data. As a m...

Catherine Stenson

Have customers really changed? - Marketing edge - CMO Australia

Read more

The biggest concern is the lack of awareness among marketers and the most important thing is the transparency and consent.

Joe Hawks

Data privacy 2021: What should be front and centre for the CMO right now

Read more

Thanks for giving these awesome suggestions. It's very in-depth and informative!sell property online

Joe Hawks

The new rules of Millennial marketing in 2021

Read more

In these tough times finding an earning opportunity that can be weaved into your lifestyle is hard. Doordash fits the bill nicely until y...

Fred Lawrence

DoorDash launches in Australia

Read more

Blog Posts

Highlights of 2020 deliver necessity for Circular Economies

The lessons emerging from a year like 2020 are what make the highlights, not necessarily what we gained. One of these is renewed emphasis on sustainability, and by this, I mean complete circular sustainability.

Katja Forbes

Managing director of Designit, Australia and New Zealand

Have customers really changed?

The past 12 months have been a confronting time for marketers, with each week seemingly bringing a new challenge. Some of the more notable impacts have been customer-centric, driven by shifting priorities, new consumption habits and expectation transfer.

Emilie Tan

Marketing strategist, Alpha Digital

Cultivating engaging content in Account-based Marketing (ABM)

ABM has been the buzzword in digital marketing for a while now, but I feel many companies are yet to really harness its power. The most important elements of ABM are to: Identify the right accounts; listen to these tracked accounts; and hyper-personalise your content to these accounts to truly engage them. It’s this third step where most companies struggle.

Joana Inch

Co-founder and head of digital, Hat Media Australia

Sign in