Report's finding come amid major concerns over potential loss of sensitive data
Employees in Australia are more likely to violate organisational policies on data security than their international counterparts, raising the risks of cyberattacks on local firms.
One in five IT and security-decisions makers surveyed by Rubrik Zero Labs in Australia said people inside their organisations were "definitely accessing data" in violation of data policies.
This is higher than the global average of 11%, according to the report, which sought over 1,600 respondents from the US, UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore, and India.
The report also found that 11% of Australian boards and C-suites only receive data security updates when there is a material issue, while only four percent of senior decision makers receive updates at least monthly.
"The trend globally is for the majority of senior leaders to receive data security updates quarterly or every six months. This is much better practice as it allows any issues to be addressed before they're exploited," said Antoine Le Tard, Vice President, Rubrik APAC, in a statement.
Le Tard attributed the situation to Australia's "getting it done" culture at work.
"In my experience, Australians go above and beyond to innovate in order to get the best outcome for their customers and the business. This desire to help as quickly as possible and remove friction from the customer relationship can sometimes lead to a liberal interpretation of organisational procedures and policies," Le Tard said.
"While their heart is in the right place, we now live in an age in which cyber attackers are constantly looking for any inroads they can find – so it’s clear data security policies are a corner that should never be cut."
High risk of data loss
The findings come as one in four Australian respondents believe their organisation is at "high risk" of material loss of sensitive data in the next 12 months.
In Australia, there are about 5.7 million sensitive data records observed on average. And 88% of Australian IT and security leaders said their current data growth is already outpacing their ability to secure data.
In fact, 58% of Australian organisations already experienced loss of sensitive data in the past year.
Australian organisations also reported the highest instance of multiple data loss events in the same year (31%), higher than the 20% global average, according to the report.
The most widely reported data that were compromised following attacks include:
- Account numbers (42%)
- Authentication keys (35%)
- Corporate financial data (35%)
- Intellectual property (35%)
"We see that left unattended, today's data proliferation can cripple businesses. Organisations need to have the right visibility into their data to secure it, with a clear plan for cyber resilience that delivers business continuity," said Steven Stone, Head of Rubrik Zero Labs.
