Antoine Le Tard Rubrik

Australian Organisations See High Rate of Data Breaches, Reports Rubrik Zero Labs

Australian organisations reported the highest rate of data breaches globally in 2023, according to a recent report by Rubrik Zero Labs. The findings revealed that data breaches in Australia were nearly 50 per cent more common than the global average.

The report titled, “The State of Data Security: Measuring Your Data’s Risk,” provides insights into the growing risks to data as cyber incidents increase worldwide. Rubrik Zero Labs’ research highlights the challenges organisations face in protecting their data and outlines strategies for reducing data risk before, during, and after cyberattacks.

Key Findings

The survey targeted IT security decision-makers at companies with 500 or more employees. It found that 82 per cent of Australian organisations experienced a cyberattack in 2023. Data breaches accounted for 54 per cent of these incidents, significantly higher than the global average of 38 per cent. Business Email Compromise (BEC) attacks were the second most common, occurring in 45 per cent of incidents.

Antoine Le Tard, Vice President of APJ at Rubrik, commented on the findings, stating, “Australia is a mature market and early adopter of cloud and enterprise security technologies. Despite heavy investments in perimeter security, Australia leads the world in data breaches. This indicates a need to shift towards cyber resilience strategies.”

Cloud Environments: A Prime Target

The report found that cloud environments were the most targeted in Australia, with 75 per cent of respondents reporting malicious activity. SaaS environments followed with 60 per cent, and on-premise infrastructure with 46 per cent.

Le Tard highlighted the risks associated with cloud environments, noting, “The cloud is a powerful business enabler but comes with inherent risks, especially for sensitive data. According to Rubrik telemetry, there are several security blind spots in the cloud. Object storage, which often holds sensitive data like PHI and PII, typically has lower security coverage.”

Ransomware Incidents

Ransomware was responsible for more than a third (36 per cent) of cyber incidents in Australia. In these cases, 97 per cent of enterprises paid a ransom to recover data or stop an attack. Payments were made in 70 per cent of encryption events and 54 per cent of extortion threats.

“The high percentage of businesses paying ransoms suggests an overreliance on perimeter defences and a lack of preparedness for data recovery post-attack,” Le Tard said. “A comprehensive backup strategy is crucial, allowing victims to recover data without paying attackers. However, this requires acknowledging that breaches are inevitable.”

Additional Findings

The research found that Australian organisations experienced an average of 28.17 attacks in 2023, similar to the global average of 28.12. These attacks included various types, such as BEC, data breaches, ransomware, insider events, and inadvertent data exposure.

Post-attack, the most common response among Australian organisations was to increase spending on new technologies or services, with 77 per cent doing so, compared to the global average of 55 per cent.

Ineffective backup and recovery solutions were identified as a major limiting factor in the aftermath of cyberattacks, noted by 21 per cent of respondents. A lack of leadership involvement (22 per cent) and a shortage of security expertise (17 per cent) were also significant issues.

Methodology

Rubrik Zero Labs’ report was based on a survey conducted by Wakefield Research among 1,625 IT and security decision-makers from companies with 500 or more employees. The respondents included CIOs, CISOs, VPs, and Directors of IT and Security from the US, UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore, and India. The survey was conducted between January 18 and January 30, 2024, and was supplemented by Rubrik’s telemetry data, covering more than 6,000 clients across 22 industries and 68 countries.

Conclusion

The findings from Rubrik Zero Labs highlight the pressing need for Australian organisations to adopt cyber resilience strategies and invest in robust backup solutions to mitigate the impact of inevitable cyberattacks. For more details, the full report is available at Rubrik Zero Labs.

Leave a Reply