With, new research suggests that nearly half of Australian companies still haven’t implemented the corporate cyber security controls and policies to comply with the new legislation.Just 17.6 percent of the Australian IT decision-makers responding to the iTnews-Mimecast survey said they were ready for the new NDB scheme and confident that they can comply already, while 38.3 percent said they were confident they would be ready by the deadline.
Given the importance of email to the modern business, many companies are naturally focused on email protection software as a core element of their cyber resilience plans. Some 76.7 percent of respondents said they were investing in email protection, which provides protection against ransomware and targeted phishing as well as protecting companies that are migrating to Microsoft Office 365. However, just 64.3 percent of companies said they were using patch management to fix software vulnerabilities that could be exploited for a cyber security breach.
Apart from the potential direct financial and reputational damage to a company after a breach, the costs and time involved in recovery can be devastating. This is why the findings of the iTnews-Mimecast are a wake-up call for every Australian business – and will compound concerns as we near the May implementation date for even stricter European Union general data protection regulation (GDPR) controls. Every company needs to have a comprehensive suite of technological protections, backed with business and IT policies to ensure cyber resilience in the event of a breach. And while many companies have done the right thing to improve their data security, many others will be caught on the back foot when NDB and GDPR legislation takes effect. All should move quickly to minimise their exposure and ensure that they can operate with the confidence that only true cyber resilience brings.