Australia is one of the most breached countries: How can employers safeguard their business?

A new study has revealed Australia as the sixth most breached country so far this year, encouraging employers to take a hard look at their cyber security measures.

According to cyber security company Surfshark, over Q2 2023, Australia was the sixth most breached country, with almost 2 million leaked accounts. This means around 20 thousand Australian user accounts were leaked every day during the time period – an 11 times increase from the previous quarter.

In Q1 2023, Australia was ranked 19th in terms of countries with the most breaches.

Globally, the research showed a total of 110.8 million accounts were breached, with the US ranking first and amounting to almost half of all breaches from April through June.

Russia took out second place for most breaches, while Spain was ranked third, followed by France and Turkey.

There is a 2.6 times increase in breached users worldwide compared to Q1 2023. North America was the most affected region by data breaches, followed by Europe and Asia, Surfshank noted.

“According to the most recent Surfshark’s global data breach statistics, leaked accounts surged almost threefold in the second quarter of 2023 compared to the previous quarter,” said Agneska Sablovskaja, lead researcher at Surfshark.

“Such alarming increase in data breaches highlights that the current data protection measures are not sufficient, and sensitive information remains at risk as cyber criminals continue to access it in ever higher numbers.”

There are certain things employers can be do to better protect their businesses.

According to Tony Anscombe, chief security evangelist at ESET, organisations can ensure their data is as leak-proof as possible by investing in technology and maintaining it.

“Extending the technologies used in businesses to include technologies such as endpoint detection and response, vulnerability and patch management, and the associated management tools that allow cyber security teams to view and prioritise alerts created by such systems is imperative to keeping one step ahead of cyber criminals and their changing techniques and tactics,” he said.

“Where resources are an issue, outsourcing some or all of the cyber security operation may help; in some instances, outsourcing the day-to-day operations will free up internal teams to focus on the more serious alerts and investigate fully.”

Human error plays an important role in many cyber attacks, said Mr Anscombe. This is why educating and training employees on cyber security is crucial to maintaining a secure workplace.

“There are many statistics demonstrating that cyber attacks often start due to human behaviour, be it social engineering, phishing, or even venturing into deep-fake technologies,” he said.

“The United States Cybersecurity Infrastructure Security Agency attribute 90 per cent of cyber incidents as starting with a phishing attack. Employee training on the core principals of cyber security is incredibly important in order to help mitigate this threat.”

Mr Anscombe added: “It should include continual education on the current and evolving threats; for example, if a region or business category is experiencing specific campaigns conducted by cyber criminals, then short refresher education should be conducted using the current and relevant content. It’s also a good practice to conduct simulation attacks in order to identify any weaknesses or areas that need additional focus.”