A CEO of a major Australian company put it to security consultant Michael Connory like this:
“Implementing these [cyber awareness and governance] programs is like home insurance – high cost with no guarantee anything will ever happen – so why pay the price? How many houses burn down every year, compared to how many people buy house insurance?”
This attitude towards is all wrong but not rare, says Connory whose firm Security In Depth has just published the results of research which found 83 per cent of Australian companies have no policies or plan in place for a data breach and 41 per cent said they “did not understand” what an ICT security framework was.
“We look at what has been said and done and companies and executives are more often than not complacent with cyber. It is our view, based on the number of organisations that have