Share this article on:
Data breaches are a global problem, but lax Australian attitudes are compounding the problem, according to new data.
Global research by data security company Rubrik has revealed a perfect storm of circumstances that make Australian organisations particularly vulnerable to data breaches.
The research is based on feedback from over 1,600 security experts from Australia, the US, the UK, France, Germany, Italy, the Netherlands, Japan, Singapore, and India and took place between June and July of this year.
But while Rubrik’s The State of Data Security: The Journey to Secure an Uncertain Future report has a global outlook, the results for Australian companies were particularly worrying. In fact, in the words of the report, data risk is “surging down under”.
According to the report, more Australian security experts feel their staff are violating internal data policies than any other country in the world. Twenty per cent of security executives are worried about the matter, compared to a global average of 11 per cent.
Australian reporting is also behind the rest of the world, with only 4 per cent of decision-makers receiving reports on at least a monthly basis. Worse, while, on average, 4 per cent of C-suites around the world only receive security reports following a material incident, that number jumps to 11 per cent for Australian leadership teams.
And this is all against a background of growing data breaches. Fifty-eight per cent of Australian organisations experienced some kind of data loss in the last 12 months, with 31 per cent experiencing multiple data-loss events – the highest number among countries polled.
Antoine Le Tard, vice-president at Rubrik APAC, believes that – to a degree – the can-do attitude of many Australian workers is behind the issue.
“In my experience, Australians go above and beyond to innovate in order to get the best outcome for their customers and the business. This desire to help as quickly as possible and remove friction from the customer relationship can sometimes lead to a liberal interpretation of organisational procedures and policies,” Le Tard said in a statement. “While their heart is in the right place, we now live in an age in which cyber attackers are constantly looking for any inroads they can find – so it’s clear data security policies are a corner that should never be cut.”
“Despite the multiple high-profile data breaches over the past 18 months, our research found more than one in 10 Australian senior decision-makers were only receiving updates when a material issue arises – and by then, it’s already too late,” Le Tard said. “The trend globally is for the majority of senior leaders to receive data security updates quarterly or every six months. This is much better practice as it allows any issues to be addressed before they’re exploited.”
Another part of the problem is the rapid data growth of many Australian companies. On average, Australian organisations now hold 5.7 million sensitive datasets, but 88 per cent of IT leaders feel their ability to protect their data is being outstripped by the amount of data that now needs protecting. More concretely, a quarter of Australian businesses surveyed feel that they are at a higher risk of data loss in the next 12 months.
Steven Stone, head of Rubrik Zero Labs, feels artificial intelligence (AI) and smart devices are part of the data growth problem.
“The explosive growth in data is due to increasing use of big data tied to artificial intelligence, the internet of things, and the increasingly common use of personal data generated by devices. Furthermore, it is rapidly changing both sides of the cyber security battlefront – including the myriad of ways that attacks are carried out and how our systems execute rapid response, from posture management to data security,” Stone said.
“We see that left unattended, today’s data proliferation can cripple businesses. Organisations need to have the right visibility into their data to secure it, with a clear plan for cyber resilience that delivers business continuity.”
You can read the full State of Data Security: The Journey to Secure an Uncertain Future report here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.