Australian organisations not feeling prepared for the IT security threat


The Networking and Cybersecurity Adoption Index, a major research study examining the cybersecurity readiness and approach of Australian organisations reveals that only 29 per cent of respondents felt highly prepared for an IT security threat and just 36 per cent of businesses said they had complete transparency around risk vulnerability in cybersecurity.

The index produced a score for respondents between zero and 100 with zero being completely unprepared and 100 being extremely well-prepared when it comes to cybersecurity. It incorporated three pillars of success: people; process; and platform.

The index put the overall readiness score of Australian businesses at 73, indicating that there is significant work to be done to prepare Australian businesses for the inevitability of a cyberattack.

Australian organisations obtained a platform score of 75, a people score of 77, and a process score of just 68. While the people and platform scores were relatively strong, Australian businesses must focus on process to improve their overall cybersecurity preparedness.

This was reflected in the in-depth results, which revealed that:

  • only 29 per cent of respondents felt highly prepared for an IT security threat and 11 per cent were unsure if they were prepared. Broken down by size, 27 per cent of small companies felt highly prepared while 39 per cent of medium businesses and 48 per cent of large businesses felt prepared
  • just 36 per cent of businesses said they had complete transparency around risk vulnerability in cybersecurity
  • just 57 per cent said they were successful in aligning their security and business objectives
  • only 55 per cent said there were clear responsibilities and security accountability throughout the organisation
  • 21 per cent of respondents said they were only minimally or somewhat resourced for IT and data protection, while just one-third said they were highly resourced.

Jon McGettigan, regional director Australia, New Zealand, and the Pacific Islands, Fortinet, said, “The threat landscape has never been as complex or fast-moving as it is right now. The accelerated and ongoing digital transformation across Australian organisations has led to a greater reliance on technology. While this is powering businesses’ recovery from the pandemic, it also creates significant risk, as any cyberattack could have profound consequences. Organisations need to understand where they sit in relation to cybersecurity preparedness so they can determine their ongoing strategy.

“The Networking and Cybersecurity Adoption Index is a significant undertaking with questions carefully calibrated to dive deep into the heart of what’s driving Australian organisations when it comes to cybersecurity.”

The report revealed four essential takeaways for Australian businesses looking to better understand their cybersecurity posture:

  1. Cybersecurity is considered an all-or-nothing commitment, and any vulnerabilities can put the entire system at risk.
  2. Cost, lack of expertise, and the time and effort required are the greatest perceived barriers to cybersecurity success.
  3. Remote working opens a new cybersecurity vulnerability for many businesses in the long term, warranting further investment in the coming year.
  4. Considerable IT security investments have been made recently and more are planned soon. Lack of decision-making efficiency around IT investment and planning can impede implementation of meaningful and timely improvements.

Jon McGettigan said, “Cybersecurity preparedness is about more than just getting the technology right. The Networking and Cybersecurity Adoption Index found that process is the weak link for most organisations; however, there is plenty of room for improvement across all three pillars. Importantly, the study highlighted that organisations struggled with the process component, finding it difficult to maintain discipline and staff buy-in when it comes to cybersecurity.”

The comprehensive study, completed in partnership with CoreData Research, canvassed the opinions of 300 IT decision-makers, predominantly from medium to large enterprises. Participants were asked a series of more than 50 in-depth questions to gauge their cybersecurity understanding, position, and attitudes.

Click here to read the full Networking and Cybersecurity Adoption Index.