SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Fortinet research reveals lack of enterprise security awareness in ANZ
Fri, 26th Aug 2022
FYI, this story is more than a year old

New research from Fortinet has found that just over half of ANZ enterprises believe they have the right strategies and technologies in place to deal with cyber threats.

And while only 53% of respondents considered themselves highly prepared to deal with breaches and cyber exploit threats, fewer than 49% of ANZ organisations said they could detect a security breach in less than 90 days, with 23% taking between two and three months.

Fortinet's 2022 Networking and Cybersecurity Adoption Index also produced a score for respondents between zero and 100, with zero being completely unprepared and 100 being extremely well-prepared when it comes to cybersecurity. It incorporated three pillars of success: people, process and platform.

Overall, the index revealed a score of 75, which means that while organisations are sometimes unsure, they are doing a reasonable job of ensuring cyber resilience. People and platform both scored 77, but enterprises were let down on the process side with a score of 72 indicating room for improvement.

Fortinet says that it has become a challenging time for businesses as they have to navigate a complex cyber climate. They say coping with the ever-evolving threat landscape requires enterprises to combine people, processes, and platforms in an ongoing cycle of improvement to strengthen the organisation's cyber resilience.

Focus on Zero Trust, secure SD-WAN, digital identity, and passwordless networks is prevelant in today's security climate, and Fortinet says organisations need to ensure staff are knowledgeable around these solutions and know how to maximise their impact.

The survey found that 63% of organisations provide training for employees and 58% of staff consider themselves very well trained, suggesting room for improvement.

Fortinet also says enterprises need to be aware of the risk posed by remote, isolated systems that can leave them exposed.

Less than 49% of organisations said they had achieved disciplined adherence to established best practices, and just 48% said they had achieved transparency around risk vulnerability. 65% said they conduct regular maintenance of software updates and security patches.

"This year's Fortinet Networking and Cybersecurity Index demonstrates that, while organisations tend to consider themselves well prepared to face cyberthreats, many of the specific actions needed to be genuinely prepared are not given the attention they need," says Fortinet regional director ANZ and the Pacific Islands Jon McGettigan.

"CISOs and CIOs must look to educate their boards to understand the importance of building maturity and deal with gaps in knowledge. Leveraging cybersecurity awareness training from providers can significantly increase the cyberskills and capabilities of IT teams and deliver real value for enterprises and individuals alike."