Almost two-thirds of IT and security leaders in Australia (64%) said they would likely pay a ransomware demand to recover their data, according to Rubrik, which delivers data security and operational resilience for enterprises.
Rubrik Zero Labs commissioned its second global study with Wakefield Research to gather insights from over 1,600 IT and security leaders – half of which were CIOs and CISOs – across 10 countries. Rubrik telemetry supplemented the study by combining qualitative and quantitative data.
Among the 64% Australian respondents that would likely pay a ransomware demand, almost three-quarters (72%) revealed that they previously paid to recover data or stop a ransomware attack.
“Organisations are struggling to keep their heads above water against the rising tide of cyberattacks,” said Rubrik ANZ managing director Scott Magill. “Almost every Australian respondent (98%) had seen malicious actors attempt to impact their data backups during a cyberattack. Alarmingly, 87% said the attackers were at least partially successful in these attempts.”
Rubrik's report found that Australian businesses have faced a steady stream of attacks, with the respondents reporting an average of 46 attempted cyberattacks in the past year. As a result, 82% of local security leaders are concerned their company will be unable to maintain business continuity.
“In a bid to turn the tables, Australian businesses are looking to bolster their troops, whether through artificial intelligence (AI) or hiring security personnel,” Magill said. “While 52% reported increased interest in supporting security teams with AI and 49% sought to hire additional staff, 38% said a lack of specialised IT talent impacted these efforts.”
Despite facing the increasing prevalence of cyberattacks, only 53% of Australian organisations developed or reviewed an incident response plan in 2022. Meanwhile, only 58% had tested their backup and recovery options.
“It's clear organisations understand the gravity and impact of cyber incidents, but we also see a range of roadblocks from a lack of preparation, misalignment between IT and security teams and over-reliance on insufficient backup and recovery solutions,” said Steven Stone, head of Rubrik Zero Labs. “In the current era of cybersecurity, the best outcome is ensuring cyber resilience. Incidents are inevitable, so it's critical to reduce the risk before a response is needed, and – at all costs – protect the crown jewel: the data.”
Rubrik's findings aligned with the results of the 2023 Thales Data Threat Report, which showed that over a third of Australian organisations (36%) experienced a data breach in the last 12 months. Among the IT professional respondents, 45% said they believe security threats have increased in volume or severity.
