Research by French Multinational Thales suggests local IT leaders are increasingly concerned about data breaches, leading to a renewed focus on cloud security and access management.
With cybercrime costing the economy up to $29 billion annually, the ‘data breach effect’ is causing Australian organisations to rethink access management. Awareness of risk is high. According to the 2020 Thales Access Management Index – Asia Pacific and Japan Edition, released today, half (48 per cent) of IT leaders acknowledge their cloud applications (e.g. SaaS, PaaS, IaaS) are the biggest targets for cyberattacks. Two-thirds (63 per cent) cite the increased in use of cloud applications, and almost one-third (29 per cent) suggest poor access management solutions are to blame.
The data breach effect
Organisations are increasingly acting on the realised threat of data breaches. According to the global study, 95 per cent of IT leaders in Australia say their organisations’ security policies around access management have been influenced by data breaches in the last 12 months. Specifically, half (53 per cent) of organisations are now implementing access management due to the threat of large-scale breaches.
The knock-on effect can be seen at the board level, where almost half (47 per cent) of organisations confirmed secure access management is a board priority. In fact, 64 per cent of respondents now find it “easy” to sell the need for security to the board versus 37 per centthis time last year.
Convenience requirements are putting data at risk
Despite the data breach effect taking hold, the struggle between convenience and security continues to cause friction. Three quarters (74 per cent) of organisations’ security teams feel under pressure to provide convenient access to users while still maintaining security. For example, one in five (22 per cent) organisations admit they don’t secure external users’ access – such as partners, consumers and contractors – to online corporate resources with access management. These findings coincide with the latest OAIC Data Breach report, which shows most breaches are a result of human error or cyber-attacks linked to phishing or poor password practices.
Finding security focus in a pandemic world
As Australia’s work from home migration continues, and cloud applications become the norm, the need for increased security awareness at the board level continues. Half (47 per cent) of IT leaders believe their board members don’t fully understand the risks of poor IT security.
Despite this, innovation in security is firmly on the agenda. Over the next 12 months, half (48 per cent) of organisations expect to expand their use of out-of-band authentication; 47 per cent plan to implement smart Single Sign-On (SSO); 42 per cent will be looking at the use of biometrics; and 45% will pursue hardware and software tokens, to protect their applications.
“As organisations focus on ways to keep themselves running in this pandemic world, the cloud is becoming even more integral to business processes,” said Rana Gupta, APAC Regional Vice President for Data Protection solutions at Thales.
“Organisations had to move quickly in order to enable employees to work from home. The increasing adaption of various cloud platforms and huge numbers of users accessing their systems from remote locations has inherently increased security risks.
“Investing in smart access management, through a choice of multi-factor authenticators, is the need of the hour. Expanding the use of flawed systems, such as passwords, is only going to lead to much bigger problems as organisations continue to expand in the cloud,” Mr Gupta concluded.”