Illumio says the time is ripe for massive cybersecurity change, as a new report shows Australia is lagging behind the rest of the world.

Despite a record $9 billion set aside for cybersecurity in the federal budget early this new research shows Australia is still playing catch up when it comes to cyber defence.

The Zero Trust Segmentation Impact Report, conducted by The Enterprise Strategy Group (ESG), surveyed 1,000 IT and security professionals in eight countries and discovered that in the past two years alone, more than three-quarters of organisations surveyed (75%) have been attacked by ransomware and two- thirds (66%) have experienced at least one software supply chain attack.

Pj Kirner, Illumio co-founder and CTO, says the grim news in the cybersecurity arena is going to keep coming, unless the industry makes a few crucial changes to its approach.

“Catastrophic breaches keep happening despite another year of record cybersecurity spending. Money will not make the problem go away until security leaders move beyond the legacy approach to only focus on detection and perimeter protection,” Kirner says.


How does Australia stack up

Despite the heralding of RED SPICE, the most significant single investment in the Australian Signals Directorate’s 75 years, cybersecurity within Australian organisations is lagging behind those of its allies.

The recent report from Illumio shows only 9% of Australian respondents felt their organisation is prepared to handle a breach, with 61% believing a breach is likely to become a disaster. By comparison, 26% of United States respondents felt prepared to handle a breach.

A spate of cyber attacks have plagued both Government and private organisations, with the most high profile including the recent SA Frontier Breach which reportedly saw more than 90,000 South Australian public servants have their personal information stolen last year.

Ransomware attacks are becoming increasingly common. More than just data, these attaches are costing Australian businesses hard cash, with organisations paying on average $250,000 per attack.

It is no surprise then that local cybersecurity companies attract the attention of investors, with Senetas (ASX: SEN) recently completing a $5 million capital raise to support its file gateway encryption subsidiary, Votiro. Similarly, data-centric security technology company archTIS (ASX: AR9) has continued its powerplay with Microsoft by announcing NC Protect has become accessible to Microsoft Azure customers.

Zero Trust becoming a priority

Despite the lack of preparedness of Australian organisations, innovative solutions such as Zero Trust Segmentation are being prioritised.

Zero Trust Segmentation breaks up security of a network into small compartments making lateral movement extremely difficult, ultimately stopping attackers from injecting an entire network. In short: never trust, always verify for each connection made to a network.

In terms of implementation the recent Illumio research uncovered that 87% of Australian respondents indicated that Zero Trust Segmentation is a top-3 cybersecurity priority and allocating an average of 31% of their security budget towards zero trust initiatives.

However, despite the zero trust mantra “assume breach,” 44% still believe their organisation will not experience a breach within the next 24 months. Though this was better than respondents in France (33%) and Germany (38%) fared, it still points to a glaring disconnect between what organisations say they are doing, and how they are actually operating.

“I’m shocked that nearly half of those surveyed in the Zero Trust Impact Report do not think a breach is inevitable, which is the guiding principle for Zero Trust,” IIllumio’s PJ Kirner says in response to the results, “ but I am encouraged by the hard business returns Zero Trust and Segmentation deliver.

“Zero Trust Segmentation is emerging as a true market category that is transforming business operations and strengthening cyber resiliency”.

 This article was developed in collaboration with Illumio, a Stockhead advertiser at the time of publishing.

This article does not constitute financial product advice. You should consider obtaining independent advice before making any financial decisions.