The inaugural Cyber Crime and Security Survey Report was released this Monday and gives an insight into the latest security issues and debates impacting Australian businesses.
The survey was commissioned by national computer emergency response team CERT Australia and carried out by the University of Canberra.
If you have the time, you can download the full report on the CERT Australia homepage.
The Biggest Talking Points from the 2012 Cyber Crime and Security Survey Report
- 20% of 255 major companies admitting experiencing a cyber attack in the last 12 months (perhaps this figure is greater because companies are reluctant to disclose such events)
- This is despite the fact that 90% of companies surveyed reported using using firewalls, spam filters, and antivirus software.
- Of those, a further 20 per cent said they had experienced more than 10 “cyber security incidents”. One organisation in fact reported the theft of 15 years of critical business data. (reported by Asher Moses in The Age).
- Over half the respondents believe that the attacks were targeted specifically at their company rather than generic or indiscriminate attacks
- For Michael Lee on ZDNet, the most staggering aspect of the findings is the tiny prosecution rate with Australia only catching 8% of online crooks. What’s just as staggering is that 74% of respondents didn’t think a cyber attack warranted an investigation.
With cyber attacks continuing to increase, it’s imperative that businesses make every effort to beef up their IT security practices. Defence in Depth is more important than ever and applying more layers of protection at every contact point should be an IT security goal in 2013.
CERT Australia’s primary responsibility is to work with the private sector in identifying critical infrastructure and systems that are important to Australia’s national interest, based on an assessment of risk, and to provide these organisations with information and assistance to help them protect their information and communication technology infrastructure from cyber threats and vulnerabilities.