s organisations increasingly

IT Security and Chief Information Security Officers have long struggled to articulate the cost of cybersecurity debt to their organisations . Yet doing so is key to getting the funding required to pay down this debt , since it can expose organisations to significant risk .

To put the cost of cybersecurity debt into perspective and help security leaders make a compelling case for addressing it , ExtraHop released the 2023 Global Cyber Confidence Index : Cybersecurity Debt Drives Up Costs and Ransomware Risk , which identified a link between cybersecurity debt and heightened exposure to cybersecurity incidents , including ransomware , among Australian and New Zealand organisations .

Outdated practices are to blame

A large percentage ( 80 %) of Australian and New Zealand IT decision-makers say outdated cybersecurity practices have contributed to at least half of the cybersecurity incidents their organisations have experienced . Despite these concerning figures , only 62 % of respondents said they have immediate plans to address any of the outdated security practices that put their organisations at risk .

Basic cyber hygiene is lacking

The survey found that all Australian and New Zealand respondents are running one or more insecure network protocols . Despite calls from leading technology vendors to retire SMBv1 , which played a significant role in the explosion of WannaCry and NotPetya , 84 % are still running it in their environments .

When it comes to unmanaged devices , 53 % say some of their critical devices are capable of being remotely accessed and controlled and are exposed to the public Internet .

Confidence in cloud security is on the rise

As organisations move mission-critical applications and sensitive data to the cloud , the need to monitor cloud workloads has never been greater . With a greater focus on their cloud environments , 79 % of respondents said they were completely or mostly confident in the security of their organisation ’ s cloud workloads . u

The research , which compares IT leaders ’ cybersecurity practices with the reality of the attack landscape , found organisations experienced a significant increase in ransomware – from an average of four attacks over five years in 2021 versus four attacks over the course of one year in 2022 . Of those who fell victim , 82 % admitted to paying the ransom at least once .

As organisations increasingly find themselves under attack , the data discovered they are drowning in cybersecurity debt – unaddressed security vulnerabilities like unpatched software , unmanaged devices , shadow IT and insecure network protocols that act as access points for bad actors . Key findings from the report include : intelligent NETWORK SECURITY www . intelligentciso . com

59