Australian Companies' Cybersecurity Practices Alarmingly Lax, Survey Finds
A recent survey has exposed concerning trends in Australian businesses' cybersecurity practices. A substantial number of employees are taking risks and circumventing security measures, while many are lacking essential training.
A striking 33% of employees admitted to bending security rules to enhance productivity. This risky behaviour is exacerbated by a lack of training, with 37% of respondents not receiving crucial cybersecurity awareness training, and 14% having no training at all.
The survey also revealed a dangerous misconception among employees. 60% assume links in emails are secure if sent through the corporate system, even though 20% only realised they had clicked on a malicious link when infected with malware or ransomware.
Moreover, 44% of respondents believe security systems hinder efficient work, and 40% do not use multi-factor authentication (MFA). While some companies use a combination of methods, the reliance on password management alone is concerning.
The survey also found that mobile users are particularly vulnerable, with 52% likely to click on a link if it comes from a trusted sender. Additionally, 22% of employees download and install unapproved software onto work devices, with senior managers being the most likely to use unauthorised software or cloud services.
The impact of these security lapses is clear, with 51% of employees surveyed having been directly affected by a cyberattack in the last 12 months.
The survey underscores the urgent need for Australian companies to bolster their cybersecurity measures. This includes providing adequate training to all employees, fostering a culture of cybersecurity awareness, and implementing robust security systems that do not hinder productivity. With the escalating threat of cyberattacks, companies must take these steps to safeguard their data and systems.
