Story image

Australia ahead of the curve in APAC cybersecurity, but still lacking maturity

08 May 17

Australia is ‘much more advanced’ than most Asia Pacific countries when it comes to enterprise security but still lacks the security maturity and skills needed to cope with threats.

That’s the finding of a new IDC report, which shows that while Australia is stepping up its security game, it still has some way to go.

Lydie Virollet, IDC Australia market analyst for IT services and cybersecurity, says the number of breaches on both a global and local level in 2016 pushed Australian organisations to gain awareness of their assets, risks and how to mitigate the loss of revenue, brand reputation damage and downtime from potential attacks.

“As a result, security has become a key topic in any technology implementation discussion across the country,” Virollet says.

“However, Australian organisations do not have the security maturity, nor the skills, to cope with today and tomorrow’s threat landscape,” she says.

“Building strong relationships with trusted providers, carefully selected based on the companies assets and maturity, will be critical for their survival.”

IDC Australia says Australian companies have increased their security budgets and revamped their strategy on the back of the tsunami of ransomware in 2016 and well publicised security failures, such as the IBM Census debacle.

However, the analyst company says the understanding and management of threats is a struggle most Australian organisations face, and the extremely high fragmentation of the market increases their confusion as to what solutiosn to adopt to be most secure.

“This concern and struggle does not however directly translate into effective actions,” IDC says.

“In some market sin the region the lack of compelling and enforced legislation leaves the IT security team with the paradox of how to secure the environment when the C-suite are not prepared to fund it or, as so often happens, IT security is considered important, but not enough to staff it nor fund it sufficiently.”

The IDC IT Security MaturityScape report for Australia shows 21.1% of 106 organisations surveyed fell into what IDC calls the ‘compliant companion’ segment – companies with solid security programs and control frameworks to address all regulatory needs and internal risk assessments.

Another 15.1% fell into the Proactive Partner category of companies with robust security programs with strong compliance and early exploration of the cost effectiveness of solutions; while 2.4% were ‘predictive professionals’ – where risk is recongised as an element of overall business value proposition for technology and the company seeks the most efficient and effective ways to manage enterprise security.

However, 10.1% of those surveyed were dubbed naive novices – the first stage of the five stage maturity model – with ad-hoc basic security measures, acting on security as it arises; while the biggest percentage – a full 51.3% – fell into stage two of the matruity model, and were deemed reactive responders, addressing the most significant security requirements inhouse, but looking to external sources to provide guidance in compliance-oriented programs.

Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Genesys PureCloud generates triple-digit revenue growth year on year
In Australia and New Zealand, the company boosted PureCloud revenue by nearly 100%.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Open source will be the next big thing for the channel
Channel firms should be on the lookout for opportunities across open source and more diverse software offerings like software-defined containers and storage.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
NBN Co rolls out 'optimised' wholesale business bundles for ISPs
“We recognise some businesses are on nbn powered plans that have not been optimised for their needs," says Paul Tyler.