Tenable, an exposure management firm, has published results from a survey of Australian IT and cybersecurity leaders. The survey revealed that 44% of respondents experienced a 5% to 15% reduction in insurance premiums after implementing proactive risk management strategies.
These findings illustrate the financial advantages of such measures and the wider impact of preventive cybersecurity practices.
The survey, conducted in collaboration with advertising agency Pure Profile, included over 200 IT and cybersecurity leaders from Australia’s insurance, banking, education, healthcare, and transport sectors.
The data offers insights into whether the Australian government’s measures are adequate against evolving cyber threats and highlights the risk mitigation strategies that enterprises can employ to avoid financial losses from cyber incidents.
Calls for increased funding
A huge portion of survey participants, 79%, expressed the need for increased federal funding to prioritise preventive cybersecurity measures. This consensus points to a crucial gap in current strategies and underscores the importance of preventing cyber incidents rather than solely responding to them.
Preventative Cybersecurity Measures in Australia
Organisations have already implemented several preventive measures, such as:
-
- multi-factor authentication for accessing sensitive data (69%)
-
- exposure management (63%)
-
- regular employee cybersecurity training (64%)
-
- routine updates and patches for software and systems (59%)
“The increasing frequency of cyberattacks and resulting cyber insurance claims continues to put pressure on insurance premiums but, as the Tenable poll reveals, preventative risk management practices can lead to premium reductions,” said Scott McKinnel, country manager of Tenable ANZ. “Managing all costs associated with cyber protection is critical to organisations’ overall risk management strategy. By adopting preventive risk management practices to anticipate threats, companies can improve their security posture while realising tangible financial savings.”
APRA establishes cybersecurity and data backup standards
The release of Tenable’s survey results comes on the heels of the Australian Prudential Regulation Authority’s (APRA) directive, emphasising the importance of data backups for ensuring cyber resilience.
This notice is part of the regulator’s broader strategy to enhance cyber resilience across the industry, as outlined in its Interim Policy and Supervision Priorities update.
It addresses recurring issues in current backup practices that could impact system restoration during a cyber event. APRA requires regulated entities to evaluate their backup systems and promptly address any deficiencies.
“As outlined in APRA’s Interim Policy and Supervision Priorities update, APRA will maintain its heightened supervisory focus on cyber resilience, ensuring that all entities meet the requirements in Prudential Standard CPS 234 Information Security (CPS 234). Regulated entities are also encouraged to periodically self-assess themselves against sound information security practices in Prudential Practice Guide CPG 234 Information Security (CPG 234),” it said.
