Nearly a quarter of Australian businesses have experienced a deepfake security incident in the past year, research by ISMS.online, the auditor-approved compliance platform, has found. 24% of organisations experienced a deepfake incident in the last 12 months.

LONDON, June 30, 2024 /PRNewswire-PRWeb/ -- Nearly a quarter of Australian businesses have experienced a deepfake security incident in the past year, research by ISMS.online, the auditor-approved compliance platform, has found. 24% of organisations experienced a deepfake incident in the last 12 months.

AI-powered technology is relatively new compared to threats like social engineering and malware, but deepfakes are already among the top information security incidents impacting businesses. Sophisticated deepfake technology now allows threat actors to facilitate business email compromise (BEC) style attacks - many attacks mimic the voice and image of senior leaders to trick targets into transferring funds.

The ISMS.online State of Information Security Australia snapshot surveyed 506 information security leaders across ten sectors, including finance, technology, healthcare, manufacturing, education, and energy.

The research comes as the Government aims to position the country as a global leader in cybersecurity with the Australian Cybersecurity Action Strategy. However, as 75% of organisations state they've been impacted by an incident caused by a supply chain partner, and partner data (39%) is cited as the most compromised in the past 12 months, businesses must be vigilant.

As a result, two-thirds (66%) plan to increase their spending on securing supply chain and third-party vendor connections in the coming 12 months, and the majority (79%) expect to increase their overall information security spending. Training and awareness are also critical focus points for businesses as cyber-attacks become more sophisticated: nearly half (46%) have adopted a greater emphasis on employee education and awareness in the last 12 months.

Despite training and awareness initiatives, over a third (36%) admit that employees use personal devices (BYOD) without proper security measures, leaving businesses more vulnerable to targeted cyber attacks like deepfakes.

Michelle McCarthy, Head of Asia Pacific at ISMS.online, said: "To see nearly a quarter of businesses already impacted by deepfake attacks is worrying. These findings, alongside the vulnerabilities associated with third-party suppliers, show that businesses must ensure they have a strong information security posture. It's promising that the majority are planning further financial investment into their information security and supplier management."

While AI-powered deepfakes present a growing risk to businesses, more than four-fifths (84%) say the technology is improving information security, and 69% expect to increase their spending on AI and ML security applications.

"AI and deepfake technologies have evolved rapidly and continue to do so at pace. As businesses consider implementing AI tools in their information security operations, they must align with the global regulations that will undoubtedly come into force over time. Standards like ISO 42001, which encompasses AI use, will help organisations show their ethical, compliant approach to AI to their customers, regulatory bodies and partners."

Media Contact

Rebecca Harper, ISMS.online, 44 1273 704400, rebecca.harper@isms.online, ISMS.online

Twitter

View original content to download multimedia:https://www.prweb.com/releases/nearly-one-in-four-australian-businesses-have-experienced-a-deepfake-information-security-incident-in-the-last-year-ismsonline-report-finds-302185731.html

SOURCE ISMS.online