Story image

Australia ahead of the curve in APAC cybersecurity, but still lacking maturity

08 May 2017

Australia is ‘much more advanced’ than most Asia Pacific countries when it comes to enterprise security but still lacks the security maturity and skills needed to cope with threats.

That’s the finding of a new IDC report, which shows that while Australia is stepping up its security game, it still has some way to go.

Lydie Virollet, IDC Australia market analyst for IT services and cybersecurity, says the number of breaches on both a global and local level in 2016 pushed Australian organisations to gain awareness of their assets, risks and how to mitigate the loss of revenue, brand reputation damage and downtime from potential attacks.

“As a result, security has become a key topic in any technology implementation discussion across the country,” Virollet says.

“However, Australian organisations do not have the security maturity, nor the skills, to cope with today and tomorrow’s threat landscape,” she says.

“Building strong relationships with trusted providers, carefully selected based on the companies assets and maturity, will be critical for their survival.”

IDC Australia says Australian companies have increased their security budgets and revamped their strategy on the back of the tsunami of ransomware in 2016 and well publicised security failures, such as the IBM Census debacle.

However, the analyst company says the understanding and management of threats is a struggle most Australian organisations face, and the extremely high fragmentation of the market increases their confusion as to what solutiosn to adopt to be most secure.

“This concern and struggle does not however directly translate into effective actions,” IDC says.

“In some market sin the region the lack of compelling and enforced legislation leaves the IT security team with the paradox of how to secure the environment when the C-suite are not prepared to fund it or, as so often happens, IT security is considered important, but not enough to staff it nor fund it sufficiently.”

The IDC IT Security MaturityScape report for Australia shows 21.1% of 106 organisations surveyed fell into what IDC calls the ‘compliant companion’ segment – companies with solid security programs and control frameworks to address all regulatory needs and internal risk assessments.

Another 15.1% fell into the Proactive Partner category of companies with robust security programs with strong compliance and early exploration of the cost effectiveness of solutions; while 2.4% were ‘predictive professionals’ – where risk is recongised as an element of overall business value proposition for technology and the company seeks the most efficient and effective ways to manage enterprise security.

However, 10.1% of those surveyed were dubbed naive novices – the first stage of the five stage maturity model – with ad-hoc basic security measures, acting on security as it arises; while the biggest percentage – a full 51.3% – fell into stage two of the matruity model, and were deemed reactive responders, addressing the most significant security requirements inhouse, but looking to external sources to provide guidance in compliance-oriented programs.

Data center colocation market to hit $90b in next five years
As data center services grow in popularity across enterprises large and small, the colocation market is seeing the benefits in market size.
Automation beginning to impact Aussie workforce
18% of those surveyed said automation has already impacted their job ‘significantly’, with their duties changing or their role becoming redundant.
OVH launches public cloud down under
OVH Public Cloud services is expanding to Australia out of two data centres - one in Sydney and one in Singapore.
Acer’s new programme and portal for partners
A simple and manageable programme designed to incentivise, recognise and reward commercial partner achievements.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
In ongoing cloud war, Google to acquire data migration specialist
Google is currently behind AWS and Microsoft in the cloud battle, and it would seem this play is an attempt to claw some ground back.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.