A cybersecurity self-assessment of 697 Australian organisations revealed 58% have limited or no capability to protect confidential information adequately. This is despite respondents feeling confident in managing user and administrative privileges, multifactor authentication, protecting their network, and providing cyber security awareness training.
According to the Spotlight on cyber: Findings and insights from the cyber pulse survey 2023 from the Australian Securities and Investments Commission (ASIC), 31% of participants do not have controls to prevent unauthorised transmission of confidential information, 29% of participants do not encrypt confidential information and 40% of participants do not manage their data destruction. This is particularly concerning as 42% of respondents hold an Australian financial services licence.
The surveyed assessed respondents’ cyber resilience against six functions: governance and risk management, identifying information assets, protecting information assets, detecting cyber security events, responding to cyber security incidents, and recovering from cyber security incidents.
