Businesses in Australia and New Zealand are innovating rapidly by evolving their organisational models to remain competitive – moving to the cloud, offering multiple touchpoints for employees and customers, and building new applications to connect and engage with customers. At the heart of this evolution is the proliferation of sensitive data that is created, collected and shared. At the same time, cybercriminals are looking at all this data as a gold mine to be monetised. So how can businesses adapt to these changes safely?

To find out, electrical systems and services company Thales engaged technology research and advisory firm Ecosystm to conduct market research on the state of data security in the region. Responses were obtained from 150 senior managers across various industries and the public sector. The key findings were that 70 per cent of organisations in the Asia-Pacific region have little or no cybersecurity program, and 50 per cent focus on cybersecurity only after an incident or data breach.

Digital transformation, emerging technologies (such as the IOT and AI) and industry compliance were named as the top drivers for investments in cybersecurity, but is important for organisations to develop a robust risk management programme that goes beyond compliance. The major challenges with deploying cybersecurity solutions were concerns with integration with existing technologies, the complexity of security solutions and the lack of skilled IT staff.

The journey to protect sensitive data starts with data classification. However, many organisations fail to identify sensitive data beyond intellectual property and legal. While organisations have numerous ways to control access to sensitive data, less than half of those surveyed use multi-factor authentication.

A similar number are storing their sensitive data in the public cloud, driven by the less mature organisations leveraging the public cloud for operational cost and growth elasticity benefits. Just over half say that their public cloud provider has sufficient security to protect their data, while 29 per cent say that their organisation has to complement their provider’s security measures. But over two thirds of the organisations that encrypt their data in the cloud have their encryption keys held by their cloud provider, which is a risky approach.

“Whoever holds the encryption keys owns the data,” the report stresses. “If a breach occurs but data was encrypted and keys were protected, a cyber attacker would be unable to decrypt the data and access the actual information.”

The report concludes with recommendations for addressing data protection, including identifying where sensitive data is stored, who has access to it, how many different data types need to be secured, and how it is transmitted; minimising the number of data repositories where possible; safeguarding encryption and key management; and controlling access.

Related news & editorials

  1. 22.10.2020
    by      In
    A poll of Ai Group member companies has found a growing incidence of insurance stress related to huge price spikes, reduced coverage or an inability to secure any coverage on certain risks has afflicted more than 50 per cent of businesses.
    Following an increase in anecdotal reports, a poll of Ai... Read More
  2. 21.10.2020
    by      In
    Despite the safety and wellbeing of employees being of paramount importance to organisations across a wide range of industries worldwide, the International Labour Organisation reports that a staggering 2.3 million people a year still die due to work-related accidents, with a further 300 million... Read More
  3. 21.10.2020
    by      In
    A new report from the Climate Council has revealed Queensland has the natural resources to become a world leader in renewable energy, as well as in industries such as clean manufacturing, minerals processing and renewable hydrogen - bringing with it tens of thousands of jobs.
    The report  “Leaders... Read More
  4. 21.10.2020
    by      In
    After almost a year of being obligated to becoming COVID-19 sensitive, it is important to consider if we have developed a good understanding about the most effective way to keep surfaces free from the potential transmission of the virus.
    There is a clear difference between cleaning surfaces, as... Read More