Businesses in Australia and New Zealand are innovating rapidly by evolving their organisational models to remain competitive – moving to the cloud, offering multiple touchpoints for employees and customers, and building new applications to connect and engage with customers. At the heart of this evolution is the proliferation of sensitive data that is created, collected and shared. At the same time, cybercriminals are looking at all this data as a gold mine to be monetised. So how can businesses adapt to these changes safely?

To find out, electrical systems and services company Thales engaged technology research and advisory firm Ecosystm to conduct market research on the state of data security in the region. Responses were obtained from 150 senior managers across various industries and the public sector. The key findings were that 70 per cent of organisations in the Asia-Pacific region have little or no cybersecurity program, and 50 per cent focus on cybersecurity only after an incident or data breach.

Digital transformation, emerging technologies (such as the IOT and AI) and industry compliance were named as the top drivers for investments in cybersecurity, but is important for organisations to develop a robust risk management programme that goes beyond compliance. The major challenges with deploying cybersecurity solutions were concerns with integration with existing technologies, the complexity of security solutions and the lack of skilled IT staff.

The journey to protect sensitive data starts with data classification. However, many organisations fail to identify sensitive data beyond intellectual property and legal. While organisations have numerous ways to control access to sensitive data, less than half of those surveyed use multi-factor authentication.

A similar number are storing their sensitive data in the public cloud, driven by the less mature organisations leveraging the public cloud for operational cost and growth elasticity benefits. Just over half say that their public cloud provider has sufficient security to protect their data, while 29 per cent say that their organisation has to complement their provider’s security measures. But over two thirds of the organisations that encrypt their data in the cloud have their encryption keys held by their cloud provider, which is a risky approach.

“Whoever holds the encryption keys owns the data,” the report stresses. “If a breach occurs but data was encrypted and keys were protected, a cyber attacker would be unable to decrypt the data and access the actual information.”

The report concludes with recommendations for addressing data protection, including identifying where sensitive data is stored, who has access to it, how many different data types need to be secured, and how it is transmitted; minimising the number of data repositories where possible; safeguarding encryption and key management; and controlling access.

Related news & editorials

  1. 22.08.2019
    by      In
    Kingfield Galvanizing, located in the northern Melbourne suburb of Somerton, has been recognised as one of Australia and New Zealand’s most innovative companies. The prestigious annual Most Innovative Companies list, published by The Australian Financial Review and Boss Magazine, is based on a... Read More
  2. 21.08.2019
    by      In
    Australian quantum cybersecurity specialist QuintessenceLabs is leading a project to develop a new breed of microchip-scale quantum random number generators to improve IoT security.
    The consortium also includes the University of New South Wales, the Australian Semiconductor Technology Company,... Read More
  3. 20.08.2019
    by      In
    The first electric cargo van assembled by the Australian Clean Energy Electric Vehicle Group (ACE-EV) has been revealed at the Tonsley Innovation District in Adelaide’s southern suburbs.
    The venue was significant, as the innovation hub is located in the former Mitsubishi Motors main assembly... Read More
  4. 20.08.2019
    by      In
    Molycop, incorporating Comsteel, has signed a long-term Power Purchase Agreement with energy retailer Flow Power. It runs to 31st December 2030 and is backed by offtake agreements with the Bomen Solar Farm and the Sapphire Wind Farm, both located in regional NSW. The Sapphire Wind Farm between Glen... Read More