Cyber security can no longer legitimately be considered the domain of IT alone, according to the new MinterEllison ‘Perspectives on Cyber Risk Report 2017‘.
The report’s findings also show that Australian companies are being too slow to take the necessary action to mitigate and manage cyber risk.
“Cyber attacks can entirely shut down businesses, causing significant (and sometimes irreparable) damage to corporate and government reputations, relationships and systems,” said Paul Kallenbach MinterEllison Technology Partner and cyber expert. “They can adversely impact other businesses in the supply chain, compromise the privacy of millions of individuals, and threaten economic wellbeing and national security. Yet business is not responding quickly enough. All organizations need to develop a culture of cyber risk management and look beyond the expectation of IT department taking the responsibility for risk mitigation.”
The report highlights the need to embed cyber resilience in every organization, yet key findings suggest this isn’t happening:
“In our board survey, 44%of organizations responded that the board is only briefed on cyber security issues annually or on an ad hoc basis, while 13% of organizations said that the board received no briefings at all,” said Kallenbach. “In our CIO survey, only 52% of respondents indicated their organizations had increased their expenditure on IT security over the previous 12 months and that shows little change to the 2016 report findings.”
Source: Continuity Central