Story image

NZ firms pick up the pace on cybersecurity savviness

14 Nov 17

New Zealand businesses are starting to realise the dangers that cyber attacks present, however some still remain ignorant according to new research from Kordia.

A survey of 225 IT decision makers found that half of businesses acknowledged they are at risk – which means at least half don’t believe they are at risk at all.

According to Kordia’s head of communications Esmée O’Brien, the results are ‘encouraging’.

“Over half of New Zealand businesses now acknowledge their risk of falling victim to cybercrime. Two thirds of businesses updated or reviewed their policies in the wake of the recent high-profile ransomware attacks. And, more than half of all businesses are planning to increase their budget for information security in the year ahead,” O’Brien says.

25 percent of surveyed respondents said they were impacted by the NotPetya and WannaCry ransomware attacks. 46% have been targeted by either phishing, ransomware or malware in the last 12 months.

Those attacks have spurred actions for 65% of respondents, including reviews and updates to their security policies.

IT decision makers believe that their company needs to invest more in security. Almost 60% of respondents say their security budget is between 5-14% of their entire IT budget. 22% believe that percentage needs to increase.

Budgets, risk and impact all boil down to an organisation’s readiness to deal with cyber attacks. The survey showed that 68% of respondents believe their company is ready. 59% have a response plan, however 29% don’t have one at all.

Cyber insurance is yet to gain ground in New Zealand businesses, as 41% do not have any cyber insurance.

O’Brien also highlights that two thirds of respondents have conducted training or awareness programmes for their employees.

Three quarters of respondents believe their staff understand best practices such as strong passwords, avoiding suspicious links and locking devices.

“This is a great result. Technology can only go so far when it comes to securing information – the rest is up to people. We’d like to see that number higher, but it does show that more businesses are getting the message and understanding that cyber security is a company-wide issue,” O’Brien says.

She also warns that businesses can’t let security activities fall by the wayside.

“It is no longer a case of ‘if’, but ‘when’ your business will be targeted. Being prepared and taking a risk-based approach is therefore an essential part of being in business. It is not the attack itself that will determine the eventual outcome, but how you respond to it. We’d like to see all New Zealand businesses acknowledging cyber security risk, training their people, establishing response plans – and testing them regularly,” she concludes.

NZ Internet Task Force joins iSANZ Hall of Fame
NZITF chair Barry Brailey and former chairs Mike Seddon and Paul McKitrick received the award in Auckland last week.
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."
How IoT and hybrid cloud will change in 2019
"Traditional VPN software solutions are obsolete for the new IT reality of hybrid and multi-cloud."
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
GCSB's CORTEX project scoops iSANZ Award
“I believe this award is particularly significant as it is acknowledgement from our peers in the information security industry and from across the private sector."
NZ firms lack cybersecurity confidence, HP survey says
Out of 434 of New Zealand’s small and large businesses, only half (50%) feel confident that they would be able to cope if they experienced a significant cybersecurity breach.
SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.