08/12/17 | Red Team
Earlier this year, we began surveying over 220 business IT decision makers from organisations across New Zealand (with 20+ employees) about their cyber security posture.
The results are in and they show that Kiwi businesses are taking cyber security more seriously as the number of cyber-attacks continues to rise. However, there are still some areas where improvement is needed.
- Over half of New Zealand businesses now acknowledge their risk of falling victim to cyber-crime.
- 46% have been targeted by ransomware, malware or phishing attempts in the last 12 months.
- 1 in 4 were impacted by the recent NotPetya and WannaCry attacks and many more were prompted to update their cyber security policies.
Areas to improve
These high-profile attacks may have spurred action by companies to secure their valuable assets, but cyber security is made up of many different parts, including people, process and technology.
Your staff are your biggest weakness with over 90% of cyber-attacks starting with employees click on unsafe links in phishing emails.
Although 75% of respondents were confident that their staff understand cyber security best practice, over 30% do not carry out employee training or awareness programmes.
Testing your defences
Only half of the businesses surveyed carry out regular penetration tests of web-facing applications.
Previously, we’ve talked about the importance of putting your defences to the test by simulating a cyber-attack. This form of testing is called a Red Team attack and its purpose is to provide an organisation with a complete ‘warts and all’ look at its security posture.
And in the event of a data breach, interruption to services or malware attack, one-third do not have a cyber-incident response plan in place and over 40% don’t have cyber insurance in place.
To see the full results of our survey, download the report here.
To find out more about how you can put your business’ defences to the ultimate test, download our Introduction to Red Teaming guide.