Cyber security front of mind for organisations: BDO and AusCERT Cyber Security Survey Report 2021

Cyber security front of mind for organisations: BDO and AusCERT Cyber Security Survey Report 2021


Cyber security is front of mind for all organisations, regardless of sector or size, according to the 2021 BDO and AusCERT Cyber Security Survey which had a record number of respondents. With increased threat from supply chain attacks and more digitisation, the 2021 report highlights the need for organisations to operate with a cyber resilient mindset.

The BDO and AusCERT Cyber Security Survey findings are in line with government investment: 175% increase in email as source of data breaches, cyber threats from foreign governments to industry increasing.

  • 33% increase in industry organisations believing foreign governments were responsible for cyberattacks against them.

  • Uncertainty around NDB continues.

  • Staggering 175% increase year-on-year for emails being the source of data breach.

  • Cyber insurance policy uptake rising by 33%, reflective of increasing threat recognition.

  • Industry implementing Security Operations Centres increases by 16%.

The sixth annual BDO and AusCERT Cyber Security Survey included almost 500 respondents across a variety of industry sectors.

Cyber security incidents continue to rise in volume and sophistication, becoming more disruptive and requiring significantly more time to recover from. Federal government is recognising this threat and this week announced a new A$89 million cybercrime centre.

The BDO and AusCERT survey for calendar year 2021 showed a 33% increase in the number of organisations that thought foreign governments were responsible for cyber-attacks against them. With current socio-political landscapes and various regional tensions rising, it can be expected that this number will continue to increase in the coming years.

There has been a staggering 175% increase year-on-year for emails being the source of data breach, accounting for more than half of reported data breaches. This is another instance that can be linked to the persistent effects of the COVID-19 pandemic, and work from home arrangements which has seen an increase in work related emails.

“Working remotely introduced a range of new systems and issues, including that of document sharing and distribution, especially during the early adoption of remote working,” said Leon Fouche, BDO’s National Cyber Security Leader.

“With the increase in decentralised working due to the pandemic, cyber awareness training for employees was another strong area of focus for many respondents, with more than 75% claiming to have an organisational cyber security training and awareness program in place.”

Signalling the recognition of cyber threats, the number of organisations with a standalone cyber insurance policy increased by 33% from 2020.

Concerns surrounding data breach at third-party providers increased by 30%, due to a greater dependency on third-party providers and addition of cloud based collaboration and file sharing platforms.

"The survey showed a 15% increase in the adoption of threat intelligence last year, with 60% of organisations now receiving some form of threat intelligence. This trend is reflective of the rising threat recognition by industry, as also echoed our findings from discussions with AusCERT's members. It validates our investment in sharing tactical intel via MISP, our open source threat sharing platform, as well as increasing of our forward-looking, strategic intel throughput,” said David Stockdale, AusCERT Director.

“Understanding and sharing intelligence will be critical to industry, given the trends and threats we are seeing.”

Of survey respondents, 72% were based in Australia, 20% were based in New Zealand, and 8% were based internationally.

This article first appeared on the BDO website on 5 April 2022.