Australia Strengthens Cybersecurity After Major Breaches

Enterprise leaders recognize growing threats, assess risks, change strategies to better detect and respond to attacks, ISG Provider Lens™ report says

SYDNEY--(BUSINESS WIRE)-- A recent series of damaging, high-profile data leaks in Australia has changed the way Australian organizations approach enterprise security and procure cybersecurity services, according to a new research report published today by Information Services Group (ISG) (Nasdaq: III), a leading global technology research and advisory firm.

The 2023 ISG Provider Lens™ Cybersecurity — Solutions and Services report for Australia finds that the attacks revealed escalating threats and changed cybersecurity from solely an IT issue to a closely monitored enterprise challenge.

“Australian companies recognize the business dangers of data leaks,” said Joyce Harkness, director, ISG Cybersecurity, for ANZ and Asia Pacific. “Top management and boards are increasingly interested in cyber risk and the quantification of such risk, and are involved in decision-making about strategies, products and services.”

The Australian government has strengthened the country’s cybersecurity response by imposing the Notifiable Data Breaches (NDB) scheme, which requires organizations to report breaches, and working with the state of South Australia to establish the Australian Cyber Collaboration Centre, an incubator for new security solutions and initiatives. More recently, the national government unveiled the 2023-2030 Australian Cyber Security Strategy, aimed at making Australia one of the most cyber secure nations in the world by 2030; appointed the nation’s first cyber security coordinator, and began operationalizing the Security of Critical Infrastructure Act 2018.

Recent attacks revealed that even large Australian enterprises have cyber capability gaps, the report says. Most had invested heavily in cybersecurity controls but focused only on preventing breaches and assumed all sensitive data was in offices. In reality, the attack surface has expanded with the rise of remote work, digital engagement, an expanding supply chain and IoT. Mistakes inside organizations and among IT provider partners, such as employees falling prey to phishing attacks or making configuration errors, are thought to have played a major role in recent leaks in Australia and elsewhere.

As a result, Australian enterprises have begun to assess their risk tolerance, evaluate current controls and take an “assume breach” approach, recognizing that not all breaches can be prevented and focusing on rapid detection and response, ISG says.

As they migrate to the cloud over the next few years, many Australian companies are expected to invest in cloud-based solutions, such as extended detection and response (XDR), the report says.

Companies with multiple cybersecurity tools, which often generate false positives that require manual intervention, will also need greater automation and interoperability to relieve the pressure on security operations centers (SOCs). The role of AI is expected to grow exponentially, often to secure IoT assets.

“We expect strong growth in the Australian security market over the next five years,” said Jan Erik Aase, partner and global leader, ISG Provider Lens Research. “Enterprises and providers will be investing heavily in both new technologies and essential skills.”

The report also explores other cybersecurity trends in Australia, including the increasing adoption of zero-trust frameworks and next-generation identity and access management (IAM) to maintain high-level security while enabling improved customer experience.

The 2023 ISG Provider Lens™ Cybersecurity — Solutions and Services report for Australia evaluates the capabilities of 82 providers across six quadrants: Identity and Access Management (IAM), Extended Detection and Response (XDR), Security Service Edge (SSE), Technical Security Services, Strategic Security Services, and Managed Security Services – SOC.

The report names IBM as a Leader in four quadrants. It names Accenture, CyberCX, Deloitte, DXC Technology, Fujitsu, NTT DATA, Telstra, Tesserent, Verizon Business and Wipro as Leaders in three quadrants each. Microsoft is named as a Leader in two quadrants. Bitdefender, Broadcom, Cato Networks, CGI, Cisco, CrowdStrike, CyberArk, EY, Forcepoint, HCLTech, Infosys, Kasada, KPMG, Netskope, Okta, Palo Alto Networks, Ping Identity, PwC, SailPoint, Tech Mahindra, Unisys, Versa Networks, VMware and Zscaler are named as Leaders in one quadrant each.

In addition, Kyndryl is named as a Rising Star — a company with a “promising portfolio” and “high future potential” by ISG’s definition — in two quadrants. BeyondTrust, HPE (Aruba), Macquarie Telecom Group and SentinelOne are named as Rising Stars in one quadrant each.

A customized version of the report is available from AC3.

The 2023 ISG Provider Lens™ Cybersecurity — Solutions and Services report for Australia is available to subscribers or for one-time purchase on this webpage.

About ISG Provider Lens™ Research

The ISG Provider Lens™ Quadrant research series is the only service provider evaluation of its kind to combine empirical, data-driven research and market analysis with the real-world experience and observations of ISG's global advisory team. Enterprises will find a wealth of detailed data and market analysis to help guide their selection of appropriate sourcing partners, while ISG advisors use the reports to validate their own market knowledge and make recommendations to ISG's enterprise clients. The research currently covers providers offering their services globally, across Europe, as well as in the U.S., Canada, Brazil, the U.K., France, Benelux, Germany, Switzerland, the Nordics, Australia and Singapore/Malaysia, with additional markets to be added in the future. For more information about ISG Provider Lens research, please visit this webpage.

A companion research series, the ISG Provider Lens Archetype reports, offer a first-of-its-kind evaluation of providers from the perspective of specific buyer types.

About ISG

ISG (Information Services Group) (Nasdaq: III) is a leading global technology research and advisory firm. A trusted business partner to more than 900 clients, including more than 75 of the world’s top 100 enterprises, ISG is committed to helping corporations, public sector organizations, and service and technology providers achieve operational excellence and faster growth. The firm specializes in digital transformation services, including automation, cloud and data analytics; sourcing advisory; managed governance and risk services; network carrier services; strategy and operations design; change management; market intelligence and technology research and analysis. Founded in 2006, and based in Stamford, Conn., ISG employs more than 1,600 digital-ready professionals operating in more than 20 countries—a global team known for its innovative thinking, market influence, deep industry and technology expertise, and world-class research and analytical capabilities based on the industry’s most comprehensive marketplace data. For more information, visit www.isg-one.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230713245084/en/

Press:

Will Thoretz, ISG

+1 203 517 3119

will.thoretz@isg-one.com

Julianna Sheridan, Matter Communications for ISG

+1 978-518-4520

isg@matternow.com

Source: Information Services Group, Inc.