New research has shed light on the impact of a bump in ransomware activity on Australians working from home amid the ongoing COVID-19 pandemic.
According to a new study from cyber security company Tenable — which involved a global survey of 426 security representatives, 422 business executives, and 479 remote workers — 73 per cent of Australian organisations were victims of cyber attacks targeting remote workers over the past 12 months.
However, just 29 per cent of remote workers were found to have followed organisations’ security protocols.
This comes as 77 per cent of Australian businesses plan to support remote work at least once a week in the next 12-24 months, while 59 per cent plan to make remote work permanent over the next few years.
Emphasising the need for tighter security protocols is the sensitive data held by organisations, with financial records (43 per cent) and customer data (51 per cent) among the information held.
However, two in five security representatives noted they lack visibility into remote employee home networks and connected devices, with just 29 per cent lacking staff to adequately monitor the attack surface.
On the whole, the study found that 92 per cent of Australian organisations experienced disruptive cyber attack, with 70 per cent suffering an attack that resulted from vulnerabilities in systems put in place in response to the pandemic.
Roughly 59 per cent of security representatives attributed recent attacks to a third-party software vendor compromise.
“The traditional, office-bound work model is gone. Organisations in Australia need to quickly embrace a hybrid work model that allows working from home to be as seamless and secure,” Scott McKinnel, ANZ country manager at Tenable, said.
“That also means security leaders need to adjust their approach to security to meet these challenges head-on.
“The next 12-24 months will truly test the grit of organisations as they navigate and secure the new world of work. It’s crucial that Australian businesses are putting the systems and processes in place to give security leaders effective visibility into the entire threat surface of the organisation.”
Organisations plan to ramp up cyber security protections, investing in in vulnerability management (76 per cent), cloud security (71 per cent) and identity access (71 per cent).