cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Aussie firms struggling to assess cyber risk exposure, report reveals

Trend Micro research has found that 48 per cent of Australian organisations “feel their cyber risk assessments are not sophisticated enough” to shield their operations from ransomware, phishing, IoT and other threats.

user iconReporter
Mon, 01 Aug 2022
Aussie firms struggling to assess cyber risk exposure, report reveals
expand image

Overly complex tech stacks and lack of awareness from leadership are exacerbating issues, according to the study respondents.

According to Ashley Watkins, vice president ANZ at Trend Micro, in many cases, the challenge is compounded by siloed point solutions.

"We already knew that organisations are concerned about a fast-expanding digital attack surface with limited visibility.


"Now we know that they also need urgent help to discover and manage cyber risk across this environment.

"Organisations must search for a single platform that gives them the certainty and security they require," Watkins said.

Commissioned by Trend Micro, Sapio Research interviewed 6,297 IT and business decision makers across 29 countries to compile the study.

According to the data, Australian organisations are struggling with manual approaches to attack surface mapping (20 per cent), with 48 per cent reporting difficulty working with multiple tech stacks. Based on the findings, this may explain why only around 35 per cent are able to accurately detail any one of the following based on risk assessments:

  • risk levels for individual assets;
  • attack attempt frequency;
  • attack attempt trends;
  • impact of a breach on any particular area;
  • industry benchmarks; and
  • preventative action plans for specific vulnerabilities.

Over one-third (35 per cent) of Australian IT and business decision makers Trend Micro interviewed say that assessing risk is the main area of attack surface management they struggle with. As a result, over 78 per cent feel exposed to ransomware and IoT attacks, and 87 per cent feel exposed to phishing.

The inability of organisations to accurately assess attack surface risk also keeps business leaders in the dark. About 47 per cent of respondents struggle to quantify risk exposure to leadership, and only 71 per cent believe their C-suite fully understands cyber risk at present.

Trend Micro notes that there's a clear opportunity for organisations to leverage third-party expertise, to help mitigate increased complexity that has influenced reduced confidence for decision makers.

Almost two-fifths (37 per cent) of respondents are already invested in a platform-based approach to attack surface management, while half (50 per cent) of respondents say they'd like to do the same. Those who have already made the move, improved visibility (34 per cent), better scalability (34 per cent) and faster breach detection (33 per cent) are the most valued advantages.

[Related: Global cyber security stakeholders falling short as threats intensify]

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.