SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image

Cyber recovery times in Aus & NZ rise, firms boost spend

Today

The latest Global Security Research Report by Fastly highlights an increase in the time required for Australian and New Zealand businesses to recover from cyber incidents.

According to the report, in 2024, businesses in these regions are taking an average of seven months to recover from cybersecurity breaches, which is 19% longer than the initially expected duration of 5.9 months.

Companies that decided to reduce cybersecurity spending reported facing an average of 31 incidents, with recovery times extending to seven months. This duration is more than five months longer compared to those organisations that chose to maintain or increase their cybersecurity budgets.

The research indicates that 88% of businesses plan to increase their investment in security tools over the next year, marking a 12% increase from the previous year. Despite this, 51% of surveyed cybersecurity decision-makers feel inadequately prepared to handle future threats due to an increasingly sophisticated threat landscape.

Marshall Erwin, Chief Information Security Officer at Fastly, commented, "Full recovery from breaches is not getting any faster. The revenue, reputation and time lost damages business relationships permanently and drains resources from other areas of the business."

"With attacks not diminishing and the possibility of further high-profile slip-ups always present, it's crucial that any changes businesses are now making to cybersecurity strategies fit within a holistic plan and aren't knee-jerk reactions."

The report also found that 49% of businesses have concerns regarding the reliability and quality of software in their security stack, prompting 26% to consider changing vendors.

Furthermore, 86% of organisations altered their approach to testing and the rollout of updates due to significant reliability incidents this year.

In terms of software security, the report points out a growing involvement of stakeholders outside traditional security teams, including platform engineering teams, in decisions regarding app security solutions.

Approximately 22% of participants expressed a focus on adopting a platform engineering approach to software security. Platform Engineering teams are currently held responsible for 7% of cybersecurity incidents, while Chief Information Security Officers accounted for 12%, and Chief Information Officers for 8%.

Erwin further stated, "Cybersecurity spending is under the microscope as businesses continue to feel unprepared dealing with an evolving threat landscape. We are seeing a shift towards a shared responsibility for security across organisations, with increased focus on embedding security measures throughout all projects."

"Companies that bake in security and establish strong partnerships with security organisations early in a product development process are in a better position to deal with emerging threats and recover more quickly from attacks."

The report, which was based on a global survey including 200 key IT decision-makers from large organisations in Australia and New Zealand, was conducted online in September 2024 by Sapio Research.

The survey explored how businesses are adjusting their cybersecurity spending and tool consolidation in response to high-profile security incidents.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X