Cyber Resilience Gaps in New Zealand and Australia Highlight Recovery Planning Deficiencies

Severity: Low (Score: 39.9)

Sources: Insurancebusinessmag, Securitybrief.Au

Summary

A Datacom survey reveals significant gaps in cyber resilience among organizations in New Zealand and Australia. While 73% of New Zealand security leaders and 77% of their Australian counterparts express confidence in their risk visibility, only 30% and 32% respectively have formal recovery plans in place. The survey, which included 714 security leaders from both countries, indicates a disparity between investments in monitoring and actual preparedness for recovery from cyber incidents. Many leaders expect to recover from major incidents within days, despite evidence that such recovery can take weeks or even months. The lack of rehearsed plans and clear decision-making authority is cited as a major factor in prolonged recovery times. Datacom emphasizes the need for organizations to shift focus from detection to engineered resilience, which includes regular testing of recovery plans. The findings suggest that organizations may face significant operational risks due to inadequate recovery strategies. Key Points: • Only 30% of New Zealand organizations have formal recovery plans in place. • 77% of Australian security leaders feel confident about risk visibility, but recovery planning lags. • Regular testing of recovery plans is crucial for effective incident response.

Key Entities

• Malware (attack_type)
• Phishing (attack_type)
• Ransomware (attack_type)
• Jaguar Land Rover (company)
• Australia (country)
• New Zealand (country)
• Government (industry)
• T1566 - Phishing (mitre_attack)