GetApp's Annual Data Security Report reveals AI-enhanced cyberattacks as the top concern, with ransomware and phishing still posing significant threats.
SYDNEY, Australia - 6th November 2024 - According to the findings of GetApp's Annual Data Security Report, more needs to be done to protect sensitive data from cybercriminals.
The study found that, according to 55% of participants, AI-generated deepfake attacks are the leading security-related threat for this year and into 2025. Notably, 66% of Aussie companies now have a response plan to combat this threat.
GetApp surveyed 4,000 IT professionals in 11 countries, 500 of whom were in Australia.
Email phishing and ransomware attacks remain prevalent in Australia
Phishing continues to top the list of concerns for IT professionals, with 92% of Australian respondents stating that they or others in their organisation had received phishing emails in the past year. Alarmingly, 86% of this group reported that someone in their organisation had clicked on malicious links within those emails.
Advanced email phishing (32%) and ransomware attacks (30%) are the top threats IT professionals are concerned about for 2025.
In 2024, ransomware attacks impacted a significant number of Australians, with 64% reporting that their organisation had been targeted by one or more system-locking attacks aimed at stealing data and extorting businesses. Advanced email phishing (32%) and ransomware attacks (30%) are expected to be the most concerning threats for IT professionals in 2025.
The fallout from ransomware attacks is severe, with 60% of affected companies paying the ransom. A smaller proportion (24%) could recover and decrypt their data without paying, while 28% lost data that was never recovered.
Data breaches in Australia are higher than the global average
Data breaches are becoming more frequent in Australia. 72% of IT professionals report that their company experienced one or more violations in the last 12 months, compared to the global average of 61%.
The leading causes of data breaches are software vulnerability (50%), malware (47%), and social engineering (38%). Not all breaches are due to malicious intent, as 37% occurred due to system misconfigurations or errors. This highlights the importance of regular system checks to maintain integrity. Reassessing overall data security was the top priority for 51% of Australian respondents, especially given the growing threat of AI-generated cyberattacks.
The data also shows that 75% of Australian workers are in organisations that simulate phishing attacks, higher than the global average of 70%. These exercises help enhance email security by increasing awareness of social engineering threats and identifying additional cybersecurity training needs.
"IT professionals need to remain vigilant against a new incoming wave of AI-generated deepfake attacks and ensure they have the right protocols and procedures in place for them if they haven't done so already," said Andrew Blair, Content Analyst at GetApp.
"Additionally, IT professionals will also need to improve basic cybersecurity efforts in 2025 to curb the amount of data breaches as regulations begin to tighten," Blair continued.