Less than half of ANZ organisations detect a security breach in under 90 days

While companies tend to consider themselves well-prepared when it comes to cybersecurity, fewer than 49% of ANZ organisations could detect a security breach in less than 90 days with 23% taking between two and three months, the Fortinet 2022 Networking and Cybersecurity Adoption Index has revealed.

The index produced a score for respondents between zero and 100 with zero being completely unprepared and 100 being extremely well-prepared. Overall, the index revealed a score of 75, which means that organisations are, for the most part, doing a reasonable job of ensuring cyber resilience.

Almost two-thirds (63%) of organisations provide training for employees and 58% of staff consider themselves very well trained, suggesting room for improvement. Further, less than half (49%) of organisations said they had achieved disciplined adherence to established best practices and just 48% said they have achieved transparency around risk vulnerability.

What’s more, 65% of companies conduct regular maintenance of software updates and security patches, which is a key line of defence in mitigating security risks.

 “This year’s Fortinet Networking and Cybersecurity Index demonstrates that, while organisations tend to consider themselves well prepared to face cyberthreats, many of the specific actions needed to be genuinely prepared are not given the attention they need,” Fortinet regional director Australia, New Zealand, and the Pacific Islands, Jon McGettigan said.

“CISOs and CIOs must look to educate their boards to understand the importance of building maturity and deal with gaps in knowledge. Leveraging cybersecurity awareness training from providers can significantly increase the cyberskills and capabilities of IT teams and deliver real value for enterprises and individuals alike.”  

This year’s Index indicates opportunities for organisations to deal with advanced persistent cybercrime and reduce operational risk through increasing the maturity level of the business.

1. Establishing zero trust security to protect against unauthorised access. A zero-trust approach creates a more secure environment that protects against unauthorised access to sensitive data and digital assets.  
2. Investing in leading-edge security technologies using automation and artificial intelligence tools. Organisations implementing artificial intelligence-based tools can significantly improve their cyber resilience and futureproof their networks.  
3. Implementing a cybersecurity mesh architecture approach to futureproof networks. Companies should look to implement a cybersecurity mesh architecture approach to reduce the risk of cyberattacks. Embracing a mesh approach will lower costs and complexity while providing adaptability, reliability, and scalable protection.
4. Providing training and awareness programs for all employees. Online cybersecurity training is beneficial to help employees protect themselves and the company against growing cyberattacks and threats. Alerting employees to the many threats that exist will keep them from making mistakes that could threaten the safety of the enterprise.