Professional Documents
Culture Documents
Study Id117863 Cyber Security and Cyber Crime in Australia
Study Id117863 Cyber Security and Cyber Crime in Australia
01 Global overview Average loss of cyber incidents reported to ACSC in Australia FY 2022, by org size 22
Cyber attack types organizations were most likely to fall victim to Australia 2022 23
Cybersecurity market revenues worldwide 2020-2030 04
Global cybersecurity technology growth rate forecast 2021, by technology 05
04 Ransomware and malware
Critical cybersecurity areas worldwide 2022-2023 06
Share of cyber attacks in global industries worldwide 2022 07 Reported ransomware and malware attacks in Australia 2022, by month 25
Cyber security investment priorities for companies worldwide 2022 08 Number of reported ransomware and malware attacks in Australia 2022, by age 26
IT spending forecast on cyber security worldwide 2022 09 Number of ransomware and malware attacks in Australia 2022, by location 27
Delivery of ransomware attacks in Australia 2022, by number and amount lost 28
Share of organizations with data trust practices in Australia 2021 by practice 13 Reported loss from scams in Australia 2022 by leading category 31
Breakdown of government cyber security strategy funding in Australia 2020 14 Reported loss from scams in Australia 2022, by payment method 32
Leading network protection challenges foreseen by organizations in Australia 2022 15 Online shopping scam loss in Australia 2015-2022 33
Organizational understanding of risks arising from third parties Australia 2021 16 Number of scam attempts to gain personal info in Australia 2022, by age 34
Delivery of attempts to gain personal info Australia 2022, by number and amount lost 35
Share of cyber security incidents reported to ACSC in Australia FY 2022, by sector 20 Share of adults who believe companies use their online personal data Australia 2021 38
Share of cybercrime incidents reported to ACSC in Australia FY 2022, by state 21 Share of adults who always refuse app permissions Australia 2021 by age group 39
1
Table of Contents
2
CHAPTER 01
Global overview
Size of the cybersecurity market worldwide from 2020 to 2030 (in billion
U.S. dollars)
Cybersecurity market revenues worldwide 2020-2030
600
538.3
500
407.9
Market in billion U.S. dollars
400
296.1
300
217.9
200
100
0
2020 2022 2027* 2030*
4 Description: The global cybersecurity market size is forecast to grow to 538.3 billion U.S. dollars by 2030. Cybersecurity is the practice of protecting computer information systems, hardware, network, and data from cyberattacks. An increasing awareness of cyber
threats lead to a rising investment in cybersecurity infrastructure worldwide. Read more
Note(s): Worldwide; 2021 to 2027; * Forecast 2022-2030 CAGR: 7.8% Read more
Source(s): GlobeNewswire; Research and Markets; Various sources
Expected growth rate of cybersecurity technologies worldwide in 2021, by
technology
Global cybersecurity technology growth rate forecast 2021, by technology
8% 7.5%
6.6%
6.2%
6%
4.2% 4.2%
4%
2%
0%
Web and email security Vulnerability and security Endpoint security Identity access Network security Data security
analytics management
5 Description: In 2021, global web and email security technology is expected to grow approximately 12 percent in a best-case scenario. Even in a worst-case scenario, this segment is expected to grow by almost 9 percent. As organizations rely heavily on disparate
technologies to empower their workforce, these technologies converge to ensure properly working connections between cloud services and users. Certainly, security is a cornerstone of this development in order to protect sensitive data, for example. Read more
Note(s): Worldwide; 2021
Source(s): Canalys
Most important cybersecurity areas worldwide in 2022 with a forecast
until 2023
Critical cybersecurity areas worldwide 2022-2023
Share of respondents
2023 2022
Privacy 45%
53%
Cybersecurity analytics 41%
45%
Cybersecurity metrics 38%
45%
Risk analysis 36%
46%
Application security 36%
Compliance 30%
39%
Workforce education 25%
35%
Penetration testing 22%
33%
Zero Trust 17%
6 Description: Over half of respondents agreed that the most critical cybersecurity area in 2023 was data security. It was followed by privacy and cybersecurity analytics, each chosen by more than 40 percent of respondents. Read more
Note(s): Worldwide; 2021 to 2022; 1,125 respondents; 500 respondents from the United States, as well as 125 respondents for each of the following regions: ANZ, ASEAN, Benelux, DACH and the UK.
Source(s): CompTIA
Distribution of cyber attacks across worldwide industries in 2022
Share of cyber attacks in global industries worldwide 2022
Manufacturing 24.8%
Energy 10.7%
Education 7.3%
Healthcare 5.8%
Government 4.8%
Transportation 3.9%
7 Description: In 2022, manufacturing had the highest share of cyber attacks among the leading industries worldwide. During the examined year, cyber attacks in manufacturing companies accounted for nearly 25 percent of the total cyber attacks. Finance and
insurance followed with around 19 percent. Professional, business, and consumer services ranked third with a share of 14.6 percent. Read more
Note(s): Worldwide; 2022
Source(s): IBM
Main cyber security investment priorities for companies worldwide in 2022
Cyber security investment priorities for companies worldwide 2022
Share of respondents
Realising benefits from implementation Implementing at scale Started implementing / Planning to do in the future
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 110%
8 Description: As of 2022, 16 percent of respondents stated that their company was already realizing the benefits from investing in cloud security, security awareness training, and endpoint security. However, more than 50 percent of respondents were planning on
implement third-party risk management processes and zero trust strategies in the future. Read more
Note(s): Worldwide; July to August, 2021; 3,602 respondents; Business, technology and security executives
Source(s): PwC
Information Technology (IT) spending expectation on cybersecurity
worldwide in 2022
IT spending forecast on cyber security worldwide 2022
80%
69%
70%
60%
Share of respondents
50%
40%
29%
30%
20%
10%
2%
0%
2022 spending will increase 2022 spending will stay flat 2022 spending will decrease
9 Description: In 2021, when asked about their organizations' plan to increase spending on cybersecurity in 2022, 69 percent of respondents indicated that their spending will increase. Only two percent of respondents expected their cyber security spending to decrease
in 2022. Read more
Note(s): Worldwide; November 2021
Source(s): ESG
CHAPTER 02
5,000
4,540
4,500 4,230
4,120
4,000
3,640
Market size in million U.S. dollars
3,500
3,000
2,500
2,000
1,500
1,000
500
0
2019 2020 2021 2022*
11 Description: The total market size of the cybersecurity industry in Australia was estimated to reach over 4.5 billion U.S. dollars in 2022. According to the source, the federal government was the largest end-user market for cyber security sales in the country. Read more
Note(s): Australia; 2019 to 2022; *2022 estimates. Total market size is total local production plus imports, minus exports. Read more
Source(s): International Trade Administration
Distribution of intended spending over the next two years to simplify
cyber security by organizations in Australia in 2021, by initiative
Share of planned cybersecurity spending by organizations Australia 2021 by initiative
12 Description: In a survey conducted amongst executives and corporate directors of organizations in Australia in 2021, over the next two years, organizations planned to allocate around 13 percent of their cyber security spending to integrating controls and processes
across disciplines including risk, cyber, compliance, and privacy. Other planned spending categories included reducing outdated or end-of-life technology, and restructuring their security teams. Read more
Note(s): Australia; July and August 2021; 114 respondents; Respondents were executives (38 CEOs, and 76 corporate directors, CFOs, CISOs, CIOs, and C-Suite officers)
Source(s): PwC Australia
Share of organizations with fully implemented formal data trust processes
in place in Australia as of October 2021, by data trust practice
Share of organizations with data trust practices in Australia 2021 by practice
Share of respondents
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
Knowledge of the data inventory, where data comes from, ow data moves through
35%
business processes and systems and how it has been transformed (protection)
Data retention and data elimination policies and schedules (minimisation) 38%
Ability to share data securely with third-parties, business partners, and suppliers,
and to potentially "audit" their compliance to terms (security measures, 39%
disposition, appropriate usage) (protection)
Deployment of processes and technologies that provide encrpytion, tokenization,
39%
redaction/masking technologies across sensitive data enviroments (protection)
An understanding of where personally identifiable information (PII), sensitive data,
intellectual property, and high value data resides throughout the enterprise 32%
(discovery)
Capability and process for valuing data assets and continuously improving data
34%
quality (governance)
13 Description: In a survey conducted amongst executives and corporate directors of organizations in Australia in 2021, just over one third of the organizations had fully implemented formal processes regarding data inventory knowledge, including where data comes
from, how it moves through the business, and how it is transformed. Less than one third of organizations had fully implemented practices regarding personally identifiable information, sensitive data, intellectual property and other high [...] Read more
Note(s): Australia; July and August 2021; 114 respondents; Respondents were executives (38 CEOs, and 76 corporate directors, CFOs, CISOs, CIOs, and C-Suite officers)
Source(s): PwC Australia
Australian government funding to measures under the cyber security
strategy in Australia in 2020 (in million Australian dollars)
Breakdown of government cyber security strategy funding in Australia 2020
14 Description: The 2020 Cyber Security Strategy, released by the Australian Government, indicated that a total of 1.35 billion Australian dollars was committed to funding Cyber Enhancement Situational Awareness and Response (CESAR). CESAR is a package designed to
support the Australian Government in the identification of cyber threats, disrupt cyber crime, and build partnerships with industry and government. Read more
Note(s): Australia; 2020
Source(s): Department of Home Affairs (Australia)
Leading challenges foreseen by organizations in protecting their networks
against cyber threats and attacks in Australia in 2022
Leading network protection challenges foreseen by organizations in Australia 2022
Share of respondents
0% 5% 10% 15% 20% 25% 30% 35% 40%
Lack of visibility into user and device activity on the network 17%
Volume of incidents 9%
15 Description: In a survey conducted amongst organizations in Australia in early 2022, around 38 percent of respondents considered monitoring remote worker access would pose a challenge in protecting their network against cyber threats and attacks in the 12
months following the survey. A shortage of IT security skills and a lack of budget were also identified as top challenges by around one third of respondents. Read more
Note(s): Australia; Early 2022; 100 respondents
Source(s): Infoblox; Various sources (CyberRisk Alliance)
Share of organizations with an understanding of cyber and privacy risks arising
from third parties and suppliers in Australia in 2021, by level of understanding
Organizational understanding of risks arising from third parties Australia 2021
Share of respondents
16 Description: In a survey conducted amongst executives and corporate directors of organizations in Australia in 2021, less than 50 percent of the surveyed organizations reported a high level of understanding of the various cyber and privacy risks which may arise from
third parties and supplies. Around three percent of the organizations reported no understanding of risks including data breaches, privacy violations, and IoT/technology vendors. Read more
Note(s): Australia; July and August 2021; 114 respondents; Respondents were executives (38 CEOs, and 76 corporate directors, CFOs, CISOs, CIOs, and C-Suite officers)
Source(s): PwC Australia
CHAPTER 03
80,000 76,000
70,000 67,500
59,806
60,000
Number of cybercrime reports
50,000
40,000
30,000
20,000
10,000
0
Financial year 2020 Financial year 2021 Financial year 2022
18 Description: The Australian Cyber Security Centre (ACSC) received approximately 76 thousand cybercrime reports in the financial year 2022. The number of reports has increased in comparison to previous years, with approximately 67 thousand cybercrime reports
filed in financial year 2021. Read more
Note(s): Australia; financial year 2020 to financial year 2022
Source(s): Australian Cyber Security Centre
Distribution of cybercrime incidents reported to the Australian Cyber
Security Centre in Australia in financial year 2022, by type
Share of cybercrime incidents reported to ACSC in Australia FY 2022, by type
30%
26.9%
Share of cybercrime incidents reported
25%
20%
14.4%
15%
12.6% 12.2%
10%
6.12%
4.36% 3.92%
5% 3.01% 2.64% 2.6% 2.58% 2.22% 1.94% 1.79% 1.75%
0.59% 0.37%
0%
t
ce
er
g
t
n
ng
ed
d
t
ng
en
en
ef
in
lin
in
ar
ar
io
au
BE
re
th
an
ki
pi
ar
Th
nk
lly
rt
m
w
w
sm
l
Fr
Th
Se
al
O
op
Sh
m
to
om
al
Bu
st
Ba
ID
St
as
M
Ro
Ex
Sh
ve
ns
ar
e
ag
In
k
in
Ra
H
l
Im
Bu
nl
O
19 Description: In the 2022 financial year, over one quarter of cybercrime incidents reported to the Australian Cyber Security Centre were fraud related. The second highest share of reported threats were shopping related. Read more
Note(s): Australia; financial year 2022; Australia's financial year runs from July 1 to June 30; for example, financial year 2017 starts on July 1, 2016 and ends on June 30, 2017.
Source(s): Australian Cyber Security Centre
Distribution of cyber security threats reported to the Australian Cyber
Security Centre in Australia in financial year 2022, by affected sector
Share of cyber security incidents reported to ACSC in Australia FY 2022, by sector
Manufacturing 4%
Construction 4%
20 Description: In the 2022 financial year, 24 percent of cyber security threats reported to the Australian Cyber Security Centre were from Commonwealth Government agencies. The second highest share of reported threats were from state and territory and local
government agencies. Read more
Note(s): Australia; financial year 2022
Source(s): Australian Cyber Security Centre
Distribution of cybercrime incidents reported to the Australian Cyber
Security Centre in Australia in financial year 2022, by jurisdiction
Share of cybercrime incidents reported to ACSC in Australia FY 2022, by state
35%
30% 29%
Share of cybercrime incidents reported
27%
25%
22%
20%
15%
11%
10%
6%
5%
2% 2%
1%
0%
Queensland Victoria New South Wales Western Australia South Australia Tasmania Australian Capital Northern Territory
Territory
21 Description: In the 2022 financial year, 29 percent of cybercrime incidents reported to the Australian Cyber Security Centre were from the state of Queensland. The second highest share of reported threats were from Victoria. Read more
Note(s): Australia; financial year 2022; Australia's financial year runs from July 1 to June 30; for example, financial year 2017 starts on July 1, 2016 and ends on June 30, 2017.
Source(s): Australian Cyber Security Centre
Average reported financial loss of cybercrime incidents reported to the Australian Cyber
Security Centre in Australia in financial year 2022, by organization size (in Australian dollars)
Average loss of cyber incidents reported to ACSC in Australia FY 2022, by org size
100,000
88,407
90,000
Average reported loss in Australian dollars
80,000
70,000
62,233
60,000
50,000
39,555
40,000
30,000
20,000
10,000
0
Small business Medium business Large organisation
22 Description: In the 2022 financial year, the average financial loss of cybercrime incidents reported to the Australian Cyber Security Centre by medium sized businesses was over 88 thousand Australian dollars. Small businesses reported the lowest average financial
loss. Read more
Note(s): Australia; financial year 2022; Australia's financial year runs from July 1 to June 30; for example, financial year 2017 starts on July 1, 2016 and ends on June 30, 2017.; * Report averages only those cybercrime reports where financial loss [...] Read more
Source(s): Australian Cyber Security Centre
Cyber attack types organizations were most likely to fall victim to in
Australia as of 2022
Cyber attack types organizations were most likely to fall victim to Australia 2022
70%
63%
60%
55%
50%
Share of respondents
39%
40%
30%
20%
10%
0%
Phishing Ransomware Advanced Persistent Threat (APT)
23 Description: In a survey conducted amongst organizations in Australia in early 2022, around 63 percent of respondents reported falling victim to phishing attacks. Over 50 percent of respondents had also fallen victim to ransomware attacks. Read more
Note(s): Australia; Early 2022; 100 respondents
Source(s): Infoblox; Various sources (CyberRisk Alliance)
CHAPTER 04
600
500 487
Number of reported attacks
400
294
300
235
187 190
200
141 135
111
100
0
January February March April May June July August
25 Description: In January of 2022, over 487 reports of malware and ransomware attacks were made to the Australian Competition and Consumer Commission. Although the number of reports made in June was lower than in January, the amount lost was highest that
month, with over 115 thousand Australian dollars reportedly lost to malware and ransomware attacks in June. Read more
Note(s): Australia; August 2022
Source(s): ACCC
Number of reported ransomware and malware attacks in Australia in 2022,
by age group
Number of reported ransomware and malware attacks in Australia 2022, by age
500
450 434
400
350
Number of reports
300 288
250
150 129
100 81
50 26
0
Under 18 18 to 24 25 to 34 35 to 44 45 to 54 55 to 64 Over 65
26 Description: In 2022 in Australia, around 434 reports of ransomware and malware attacks were made by people aged 65 and over to the Australian Competition and Consumer Commission, resulting in close to 55 thousand Australian dollars in money lost. Those aged
under 18 reported the least number of attacks. Read more
Note(s): Australia; August 2022
Source(s): ACCC
Number of reported ransomware and malware attacks in Australia in 2022,
by location
Number of ransomware and malware attacks in Australia 2022, by location
600
514
500
424
400 367
Number of reports
300
200 181
169
100
53 46
13 13
0
NSW VIC QLD WA SA ACT TAS NT Overseas
27 Description: In 2022 in Australia, over 500 reports of ransomware and malware attacks were made to the Australian Competition and Consumer Commission by people in New South Wales, resulting in close to 47 thousand Australian dollars in money lost. In Victoria,
over 120 thousand Australian dollars were reportedly lost to malware and ransomware attacks. Read more
Note(s): Australia; August 2022
Source(s): ACCC
Delivery method of reported malware and ransomware attacks in Australia in
2022, by numbers of reports and amount lost (in thousand Australian dollars)
Delivery of ransomware attacks in Australia 2022, by number and amount lost
102077 800
100,000 763
91232 727
700
80,000 600
Number of reports
500
60,000
50920
400
40,000 300
27980
19001 200
20,000 153 12342
100
74
25 24 0 0 0
0 4 5 4 0
Social Text message Internet Phone Email Mobile In person Mail Not applicable
networking Applications
28 Description: In 2022 in Australia, 25 reports of malware and ransomware attacks via a social network were made to the Australian Competition and Consumer Commission, resulting in reported losses of over 100 thousand Australian dollars. Reports made about text
message malware and ransomware attacks were the most common. Read more
Note(s): Australia; August 2022
Source(s): ACCC
CHAPTER 05
Scams
Number of reported scams in Australia in 2022, by category
Number of scam reports in Australia 2022, by category
Phishing 74,573
Hacking 11,772
30 Description: Phishing was the most prevalent form of scam in Australia in 2022, with over 74.5 thousand incidents reported. There were also around 27.5 thousand reports of false billing. Read more
Note(s): Australia; 2022
Source(s): ACCC
Reported financial loss from scams in Australia in 2022, by leading
category (in million Australian dollars)
Reported loss from scams in Australia 2022 by leading category
Phishing 24.62
31 Description: In Australia in 2022, investment scams created total losses of over 377 million Australian dollars for victims. Around 40 million Australian dollars worth of losses caused by dating and romance scams were incurred that year. Read more
Note(s): Australia; 2022
Source(s): ACCC
Reported financial loss from scams in Australia in 2022, by payment
method (in million Australian dollars)
Reported loss from scams in Australia 2022, by payment method
Cryptocurrency* 221.3
32 Description: In Australia, losses from scams totaling around 221 million Australian dollars were reported as being paid with cryptocurrency in 2022. Payments made via bank transactions exceeded 210 million Australian dollars that year. Read more
Note(s): Australia; 2022; *Removing significant loss outliers, cryptocurrency losses increased 90.2 percent to 160.6 million Australian dollars. Read more
Source(s): ACCC
Money loss from online shopping scams reported in Australia from 2015
to 2022 (in million Australian dollars)
Online shopping scam loss in Australia 2015-2022
9
8.07
8
7.38
Scam loss in million Australian dollars
7 6.61
4.85
5
4
3.28
3
2
1.46 1.38
1.28
1
0
2015 2016 2017 2018 2019 2020 2021 2022*
33 Description: As of September 2022, around 6.61 million Australian dollars had been lost in online shopping scams in Australia. In 2021, over eight million Australian dollars had been reported as being lost through online shopping scams. Read more
Note(s): Australia; 2015 to 2022; *As of September 2022. Date used is date of access. Values have been rounded. Read more
Source(s): ACCC
Number of reported scam attempts to gain personal information in
Australia in 2022, by age group
Number of scam attempts to gain personal info in Australia 2022, by age
18,000
16,091
16,000
14,000
12,000
Number of reports
9,643
10,000 9,007 9,011
8,000 6,989
6,000
4,000
2,249
2,000
325
0
Under 18 18 to 24 25 to 34 35 to 44 45 to 54 55 to 64 Over 65
34 Description: In 2022 in Australia, over 16 thousand reports of scam attempts to gain personal information were made by people aged 65 and over to the Australian Competition and Consumer Commission, resulting in close to 15 million Australian dollars in money
lost. The number of reports increased with age. Read more
Note(s): Australia; August 2022; Attempts to gain personal information includes: hacking, identity theft, phishing, and remote access scams.
Source(s): ACCC
Delivery method of reported scam attempts to gain personal information in Australia in
2022, by numbers of reports and amount lost (in million Australian dollars)
Delivery of attempts to gain personal info Australia 2022, by number and amount lost
18 17.46
Amount lost in million Australian dollars
30000
16 28594
14 24921 25000
Number of reports
12
20000
10
15000
8
12109
6 5.06 5.05 4.72 10000
3.55
4
5000
2 0.81 0.8
1618 1933 0.29 0.06
1375
0 276 364 368 0
Phone Internet Text message Email Mobile Social In person Mail Not applicable
applications networking
35 Description: In 2022 in Australia, over 28 thousand reports of scam attempts to gain personal information via text message were made to the Australian Competition and Consumer Commission, resulting in reported losses of over 5 million Australian dollars. Reports
made about scam attempts to gain personal information via phone led to the most financial losses, at a value of over 17 million Australian dollars. Read more
Note(s): Australia; August 2022; Includes hacking, identity theft, phishing, and remote access scams.
Source(s): ACCC
CHAPTER 06
Consumer sentiment
Online privacy awareness and concern in Australia from 2018 to 2021
Online privacy awareness and concern in Australia 2018-2021
50% 47%
44% 44%
39%
Share of respondents
40%
2% 2% 2% 3%
0%
Very concerned Fairly concerned Not very concerned Not at all concerned
37 Description: According to a survey conducted in 2021 in Australia about digital consumer trends, 30 percent of respondents were very concerned about how companies they interacted with online used their personal data. The share of respondents who were very
concerned has decreased since 2018. Read more
Note(s): Australia; July 2021; 2000 respondents; 18-75 years; respondents who think companies use or share their personal data
Source(s): Deloitte
Share of Australian adults who believe the companies they interact with
online use their personal data in 2021
Share of adults who believe companies use their online personal data Australia 2021
90% 85%
80%
70%
60%
Share of respondents
50%
40%
30%
20%
11%
10%
4%
0%
Yes No I don't know
38 Description: According to a survey conducted in 2021 in Australia about digital consumer trends, around 85 percent of respondents were believed that companies they interacted with online used their personal data. Less than 5 percent of respondents believed
companies did not use their data. Read more
Note(s): Australia; July 2021; 2000 respondents; 18-75 years; respondents who have a phone or smartphone
Source(s): Deloitte
Share of Australian adults who always refuse app permissions in 2021, by
age group
Share of adults who always refuse app permissions Australia 2021 by age group
50%
47%
45%
39%
40%
35%
Share of respondents
29%
30%
25%
20%
20%
16% 16%
15%
10%
5%
0%
18-24 25-34 35-44 45-54 55-64 65-75
39 Description: According to a survey conducted in 2021 in Australia about digital consumer trends, almost 50 percent of respondents aged 65 to 75 reported always refusing app permissions. The likelihood of always refusing app permissions increased with the age
groups. Read more
Note(s): Australia; July 2021; 2000 respondents; 18-75 years; respondents who have a phone or smartphone
Source(s): Deloitte
Industries considered to be the least cyber secure by Australian adults in
2022
Industries considered to be the least cyber secure by Australian adults 2022
50%
44%
45%
39%
40%
35%
Share of respondents
30%
26%
25%
20%
15%
10%
5%
0%
Finance Government Retail
40 Description: In a survey conducted amongst Australian adults in 2022, 44 percent of respondents indicated that they consider the finance industry to be the least secure industry for cyber related incidents. Government was also considered to be one of the least cyber-
secure industries by respondents. Read more
Note(s): Australia; January 2022; 1004 respondents; 18 years and older
Source(s): Atomik Research ; PCI Pal
Share of Australian adults who would stop spending money with a brand
following a reported hack or data breach in 2022
Share of adults who stop spending at a brand following a data breach Australia 2022
Share of respondents
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
Would avoid spending with the brand for at least a few weeks 11%
41 Description: In a survey conducted amongst Australian adults in 2022, over three quarters of respondents indicated that they would either pause or completely stop spending with a brand or organization following a reported hack or data breach. Less than one-fifth of
respondents would continue spending directly following a reported hack or breach. Read more
Note(s): Australia; January 2022; 1004 respondents; 18 years and older
Source(s): Atomik Research ; PCI Pal
CHAPTER 07
35%
31%
30%
30% 29% 29%
27%
25%
Share of respondents
20%
15%
10%
5%
0%
Rapid deployment of new Lack of security awareness Keeping up with the new Concern over physical security Strain on help desk teams
collaboration tools like video among remote workforce threats and tactics with so many distributed form an influx of remote work
conferencing assets complications
43 Description: The most important challenge in keeping remote workforce secure in 2021 was the the rapid deployment of new collaboration tools, such as video conferencing. At the same time, one third of respondents considered the lack of security awareness among
remote workforce to be a challenge in 2021. Read more
Note(s): Worldwide; May to June, 2021; 4,753 respondents
Source(s): ISC2
Most used products and services to ensure online security on devices in
selected countries in 2021, by type of license
Products end services used to ensure online security on devices 2021, by license
Share of respondents
Paid Free
29%
Antivirus
41%
16%
Private browser
39%
17%
Ad blocker
37%
17%
Password manager
33%
20%
VPN
26%
18%
Privacy software, app or service, not VPN
26%
18%
Anti-tracker
27%
18%
Virtual card for payments
26%
44 Description: The most used product to ensure online security on consumer electronic devices in 2021 was an antivirus, with nearly one third of respondents having a paid license. At the same time, 20 percent of respondents paid for a virtual private network (VPN),
while another 26 percent accessed a free version. Read more
Note(s): Australia, Denmark, France, Germany, Italy, Netherlands, Romania, Spain, Sweden, United Kingdom, United States; June 2021; 10,124 respondents; 18-65 years; Internet users
Source(s): BitDefender
Main technologies used by companies worldwide to enable employees to
securely work from home in 2022
Technologies used to enable secure work from home worldwide 2022
Share of respondents
0% 10% 20% 30% 40% 50% 60%
45 Description: The most important technology used by companies worldwide to enable employees to securely work from home in 2022 was an anti-virus or endpoint security software. Moreover, nearly 50 percent of respondents used a virtual private network (VPN),
wile 34.5 were already benefiting from a zero trust network access (ZTNA). Read more
Note(s): Worldwide; November 2021; 1,200 respondents; Respondents who have an IT security job role
Source(s): CyberEdge; ISC2
Percentage of CISOs saying their business has seen more targeted attacks
since enabling widespread remote working worldwide in 2022, by country
CISOs that say more cyberattacks have occurred with remote working 2022, by country
Share of respondents
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Canada 87%
Australia 66%
France 61%
Germany 55%
Sweden 51%
Japan 50%
Netherlands 49%
Singapore 44%
Spain 43%
Italy 37%
46 Description: Chief Information Security Officers (CISOs) in the Canada, Australia and France overwhelmingly suggested that their business had seen more targeted cyberattacks since enabling widespread remote working as of 2022. By contrast, countries such as Italy,
United Arab Emirates, and Saudi Arabia have a more positive outlook on remote work compared to the global average of 51 percent. Read more
Note(s): Worldwide; 2022; 1,400 respondents; Chief Information Security Officers (CISOs) from organizations with more than 200 employees
Source(s): Courthouse News Service; Proofpoint
Corporate data accessed by remotely working employees worldwide in
2021, by category
Corporate data accessed when working remotely worldwide 2021
Share of respondents
0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%
Payroll 17%
Inventory 16%
Copyright/patent information 8%
47 Description: In 2021, 41 percent of remotely working employees globally stated accessing customer data. Other common types of data accessed while working remotely included operational data, financial records, and data pertaining to human resources. This
created IT security issues, as distributed workers were not protected by the corporate firewall. Read more
Note(s): Worldwide; March 17 -25, 2021; 8,443 respondents; Adults
Source(s): HP Inc.; YouGov
Sources
48