BAE Systems has launched its free cyber risk assessment tool – specifically aimed at Australian small business to help them prepare for “When, not if, they are breached.”
BAE Systems provide some of the world's most advanced, technology-led defence, aerospace and security solutions. It has released research into the cyber security preparedness of Australian businesses, and an online Cyber Risk tool to better understand their cyber security readiness.
The Cyber Risk tool measures a business’ cyber security preparedness across ten key elements of ICT security, including incident response and information management. It was developed in response to global research indicating potential weaknesses in Australian businesses’ cybersecurity measures.
BAE Systems Head of Cyber Solutions Asia-Pacific and Japan, Alex Taverner, said, “When the Prime Minister launched Australia’s Cyber Security Strategy in April, he identified the need for businesses of all sizes to understand their cyber hygiene through voluntary “health checks”; one of BAE Systems key recommendations during the preceding review process.
{loadposition ray}
The BAE Systems survey found that in Australia, a quarter of businesses don’t know if they have the security controls in place to defend against cyberattack. “This online tool will enable businesses to answer that very question, and take steps to improve their cyber preparedness in the likely case that they are found wanting,” said Taverner.
The research, which is part of a global survey including the US, UK, Malaysia and Singapore, reveals the importance of businesses regularly checking their readiness for cyber-attack and assessing whether they have the right people, technology and processes in place.
The research found:
- 25% of Australian businesses don’t know if they have the security controls in place to defend against cyberattack. Of all the countries surveyed, this is the highest by a significant 10% (75% in Australia versus 85% globally said they were confident they had the right controls in place).
- 73% of Australian businesses reported a cyberattack had occurred on average in the last six months – 34% in the last month.
- The average cost of a cyberattack for an Australian business is over $622,515.
- 32% said they weren’t very confident their business could return to business as usual within 48 hours, or that they’d never thought about it.
- 15% have not tested their incident response plan in up to two years. 9% said they don’t have an incident response plan or don’t know if they have one.
“Our research found Australian businesses were more likely to report a cyberattack than the global average. As recent high-profile cyberattacks have demonstrated, businesses of all sizes and in all industries must ensure they’re prepared. Regular testing, training of staff, and updating technology and processes is crucial to avoid or minimise monetary and reputational damage. We encourage all businesses to take this simple test to assess the strengths and weaknesses in their cyber security and understand their vulnerabilities,” said Taverner.
Header image courtesy Australian Defence Magazine