Share this article on:
Breaking news and updates daily. Subscribe to our Newsletter
A massive majority of Australian organisations withhold news that they suffer from a cyber attack, according to new research by Cloudflare.
Despite a massive 76 per cent of respondents saying they had suffered a cyber attack in the last year, only 27 per cent revealed incidents to the authorities.
The Office of the Australian Information Commissioner (OAIC) states that organisations must notify affected individuals and the OAIC in the event of an eligible data breach, being one that leads to personal data being lost or accessed or disclosed without authorisation, could result in serious harm or when the affected organisation is unable to prevent the risk of serious harm, under the Notifiable Data Breach scheme.
In addition, 37 per cent of Australian organisations said they suffered over 10 security breaches or incidents in the last year, while only 43 per cent said that in the event of an attack, they were highly prepared to prevent it.
Organisations that suffer data breaches have obvious reasons for wanting to keep a breach quiet. A breach has the potential to massively harm a company’s reputation, as it points out flaws in their systems.
There are also drastic financial burdens that follow. Cloudflare found that just under half (49 per cent) of respondents reported a financial impact of $1.5 million or more, while 25 per cent of small businesses had suffered impacts of at least $3 million.
On top of the cost of remediation and improving security systems, organisations could be subject to fines as high as $50 million; 30 per cent of adjusted turnover for the period; or three times the financial gain from the misuse of data in the case out outstandingly shocking breaches.
A separate survey run by Artic Wolf on the same topic found that there were five distinct reasons that organisations hesitate to disclose breaches, including fear of reputational damage, fear of internal repercussions, and fear of insurance policy changes.
Head of ANZ for Cloudflare Raymond Maisano has concluded that the findings suggest that Australian organisations need to do more to ensure they are more prepared for future attacks, which are more or less inevitable.
“Preparedness is key, but when it comes to deploying cyber security solutions, we’re finding less is more and efforts need to be directed into streamlining the security architecture to improve cyber security outcomes,” said Maisano.
“The increasingly complex threat environment paired with the industry-wide talent crunch needs to be met with a strong security culture that empowers business leaders, boards, and the rest of the company to proactively build their awareness and approach cyber security holistically.”
Comments powered by CComment