Australia’s cyber attack gap
Despite a recent study ranking Australia as the 14th most cyber secure country in 2020 (up from 16th in the previous year), we still have a long way to go. That’s because this same report demonstrated that in 2020, 4.86% of our mobile phones and 11.08% of our computers are infected with malware (the USA scored just over 8.18% and 9.07% respectively). We are however, pretty high in the rankings for being prepared for cyber attacks, scoring 0.89 out of 1.0 (the UK was the highest scoring 0.93 with the USA scoring 0.92).
In comparison, the worst country for mobile malware was Iran with 52.68% infected and for computer malware was Tunisia with 23.26%; the least prepared for cyber attacks was Turkmenistan scoring only 0.11. Overall, the least cyber secure country was Algeria and the best was Denmark.
So what does all this mean for Australian businesses?
In a nutshell, these statistics mean that we could and should do better to close the cyber attack gap in Australia. Whilst Australia’s computer malware attacks (11.08%) were pretty comparable with the USA (9.07%), it was still higher than the UK (7.69%), Sweden (4.03%) and Denmark (3.15%), although much better than France (15.09%).
There is no room for complacency however, because the OAIC (Office of the Australian Information Commissioner) has released a report that shows the number of data breaches in Australia between July and December 2019 increased by 19% to 537. Malicious or criminal attacks (including cyber attacks) were the leading cause of data breaches and rose by 2% to reach 64%. Data breaches caused by human error however, were down by 2% to 32%.
The majority of the information stolen was contact information (40.4%), followed by financial details (19.5%), identity details (15.9%), health information (12.3%), TFNs (8.2%), and other sensitive information (3.7%).
If we look at another report, one published by CHUBB, we find that 43% of SMEs have no idea what constitutes a notifiable data breach, 49% do not have plans in place to deal with a data breach, 79% believe they can recover from a data breach made by sophisticated hackers within 24 hours, and only 27% have Cyber Insurance. It is essential to have the correct Cyber Insurance policy for your business to ensure it is protected should the worst happen.
Are Australian businesses overconfident?
The 79% of business who felt that they could overcome sophisticated hackers within 24 hours might like to know that the Australian Logistics company Toll suffered a cyber attack on 31st January (targeted ransomware). They had to disable their systems and use non-digital processes, negatively affecting many customers across Australia. Wool sales in Australia were also brought to a halt in early February when the Talman Software was forced offline due to a cyber attack (targeted ransomware again) that encrypted all their files. These are just two cyber attacks that occurred recently in Australia and these were big companies that thought they had done everything needed to reduce their risks. So if large national and multinational companies can be the victims of cyber attacks, SMEs could well do with lifting their game and at least reviewing their cyber action plans. Even when you have done everything possible to reduce your risks however, the final step is to take out Cyber Insurance, because no-one is completely safe from cyber hackers.
To decide if Cyber Insurance is suitable for your business, talk to Gail Findlay today.
Advisr does not provide advice and does not hold a financial service license (AFSL). All information above has been provided by Gail Findlay.