DNS management and security services company Infoblox has unveiled a global report examining the state of security vulnerabilities, costs, and remedies, including some interesting findings in Australia.
It is well known that the pandemic has accelerated digital transformation projects to support remote work, and in Australia, there is now a mix of remote and on-site work. However, attackers have seized on vulnerabilities in these tectonic shifts to the cloud and work remotely. These actions by cybercriminals have increased the pressure on security teams, protocols, and defenses, with more work and bigger budgets pouring into the space.
One thousand one hundred respondents in IT and cybersecurity roles in 11 countries participated in the report, including the United States, Mexico, Brazil, United Kingdom, Germany, France, Netherlands, Spain, United Arab Emirates, Australia, and Singapore.
Australian companies have favored adding VPNs and firewalls over external devices for the past year. Fifty-five percent deployed virtual private networks and firewalls in response to securing a more remote workforce. Other popular device additions were employee remote devices (48%) and cloud-managed DDI servers (DNS, DHCP, and IP management) (41%). Company-owned external devices were added by just 39%. Australian organizations are most concerned about their vulnerability to data breaches, cloud attacks, and ransomware. Nearly half (46%) were most concerned about data breaches and were also worried about direct ransomware attacks on cloud services (40%) and general ransomware (37%). They were the least prepared to handle data breaches (22%) and remote employee connection attacks (14%), followed by ransomware and state-sponsored attacks (13%). Over half (58%) of all Australian respondents have experienced up to five IT security incidents in the past year. However, sixty-two percent reported that the IT events they experienced did not lead to a breach. Of the others, attackers were most likely to have compromised an employee’s remote endpoint or Wi-Fi access point (37%). The main attack mechanisms included data exfiltration (53%) and hijacked credentials (37%). Once inside, organizations were most likely to experience data manipulation, system failure (34%), or exposure to sensitive data and malware infections (32%). Fifty percent suffered up to US$1 million (AU$1.3 million) in direct and indirect damages. Most Australian organizations (71%) said they could generally respond to a threat within 24 hours. The fastest response time in the world. This response was supported by tools such as network traffic analytics (38%), system-specific vulnerability discovery (36%), and third-party threat intelligence solutions (35%). Moving forward, Australian IT security teams expect their biggest challenges to be remote monitoring (38%), IT security skills shortages (32%), and funding (32%). DNS is a popular strategy in Australia for easing organizational perimeter defenses. When examining the role of DNS (Domain Name System) in the overall security strategy of an Australian organization, 50% used it to discover devices making requests to malicious destinations, and 44% used it to detect malware activity earlier in the kill chain. Localize. Australian companies are deploying more resources to data protection and the cloud. About 62% of Australian companies saw their IT security budgets increase in 2021. Most (70%) expect more funding in 2022. Popular purchase options for on-premises investments include data loss prevention (23%) and network security (22%). Cloud access (36%) and DNS security (35%) security brokers were among the most popular cloud-based investments. Those anticipating a hybrid approach will likely see combination versions of VPNs/firewalls (35%) and data loss protection (34%). Interest in Australia’s Secure Access Service Edge (SASE) frameworks is increasing. As assets, access, and security move from the network core to the edge with the push for virtualization, 60% of Australian organizations have already partially or fully implemented SASE, and another 16% plan to do so through a single vendor (59% ) or a lot (41%).
“Cloud-first networks and associated security controls moved from useful features to business pillars as organizations sent office workers home,” said Matt Hanmer, director of Infoblox, Australia, and New Zealand.
“Our research has shown that to address the spike in cyber-attacks, Australian security teams are turning to DNS security and zero trust models such as DNS security for threat discovery as proactive tools for protecting corporate data and external devices”, he says.
“It’s also amazing to see that 71% of Australian organizations said they were generally able to respond to a threat within 24 hours. This is the highest percentage in the world, and we can be proud of our companies for their dedication.”