Report: Most ANZ IT and security managers hit by phishing attack

Report: Most ANZ IT and security managers hit by phishing attack

Report: Most ANZ IT and security managers hit by phishing attack

A new report from Arctic Wolf reveals what the company calls “hubris” among technology leaders in Australia and New Zealand.

Cybersecurity company Arctic Wolf has just published its 2024 Human Risk Behavior Reportand this does not paint a rosy picture when it comes to the security practices of technology and security leaders in the ANZ region.

Sapio Research – which conducted the survey on behalf of Arctic Wolf – spoke to more than 1,500 senior security and IT decision-makers in 16 countries, including 100 end users and 100 decision-makers in New York. Zeeland and Australia.

Given the results, the region’s leaders are displaying alarming overconfidence. Although 84 percent of respondents say they are confident their organization will not fall victim to a phishing attack, 70 percent have actually clicked on phishing links themselves.

The situation is even worse: 42% of them disable security measures on their personal devices and 67% admit to reusing their passwords.

It also turns out that while many companies (67%) have AI policies in place, only 25% of end users are aware of these policies, highlighting a problem in the field of education.

But perhaps more alarming is that 30% of IT managers have had an employee fired after falling victim to a scam, a statistic that speaks to a culture of “ask no nothing, don’t get anything.” say” when it comes to reporting cyber incidents. Unsurprisingly, 45% of end users admitted to being afraid that reporting an incident would result in their termination.

“It is imperative that employees feel comfortable reporting incidents so they can be confident the issue is resolved without recrimination or dire consequences such as termination, and without learnings being incorporated into future security practices”, Mark Thomas, Director of Security Services – ANZ at Arctic Wolf. , told Cyber ​​Daily.

“Setting a good example to cultivate a positive culture of cybersecurity awareness is a collaborative exercise – it starts at the top, so IT leaders must be empowered to address the current scam response climate with measured and effective approaches .

“One of the positive benefits of Australia’s no-fault reporting mandate is the potential to see organizations empowered to move from a culture of cover-up and victim-blaming to one of transparency. This approach should be adopted by workplace leaders to improve cybersecurity preparedness and business resilience across the organization.

Speaking on the importance of training staff in cybersecurity best practices, Thomas said the Arctic Wolf report highlights “the importance of internal vigilance and robust cybersecurity and data security measures at all levels of the company, including entry-level employees.

“However, the fact that even IT leaders are falling prey to phishing scams means there is a real call to action to lead by example and enshrine strong cybersecurity best practices in their organization,” Thomas said.

“This starts with regular engagement through briefings, making education fun and inspiring rather than a check-box compliance exercise, and empowering teams to undertake security awareness training. “

You can read the full 2024 Human Risk Behavior Report here.

This AI scouting platform places soccer talent spotters everywhere

This AI scouting platform places soccer talent spotters everywhere

Amazon workers walk out over layoffs and broken climate promises

Amazon workers walk out over layoffs and broken climate promises

Leave a Reply

Your email address will not be published. Required fields are marked *