Nearly a quarter of Australian businesses have experienced a
deepfake security incident in the past year, research by
ISMS.online, the auditor-approved compliance platform, has found.
24% of organisations experienced a deepfake incident in the last 12
months.
LONDON, June 30,
2024 /PRNewswire-PRWeb/ -- Nearly a quarter of
Australian businesses have experienced a deepfake security incident
in the past year, research by ISMS.online, the auditor-approved
compliance platform, has found. 24% of organisations experienced a
deepfake incident in the last 12 months.
"To see nearly a quarter of businesses
already impacted by deepfake attacks is worrying. These findings,
alongside the vulnerabilities associated with third-party
suppliers, show that businesses must ensure they have a strong
information security posture."
AI-powered technology is relatively new compared to threats like
social engineering and malware, but deepfakes are already among the
top information security incidents impacting businesses.
Sophisticated deepfake technology now allows threat actors to
facilitate business email compromise (BEC) style attacks - many
attacks mimic the voice and image of senior leaders to trick
targets into transferring funds.
The ISMS.online State of Information Security Australia snapshot
surveyed 506 information security leaders across ten sectors,
including finance, technology, healthcare, manufacturing,
education, and energy.
The research comes as the Government aims to position the
country as a global leader in cybersecurity with the Australian
Cybersecurity Action Strategy. However, as 75% of organisations
state they've been impacted by an incident caused by a supply chain
partner, and partner data (39%) is cited as the most compromised in
the past 12 months, businesses must be vigilant.
As a result, two-thirds (66%) plan to increase their spending on
securing supply chain and third-party vendor connections in the
coming 12 months, and the majority (79%) expect to increase their
overall information security spending. Training and awareness are
also critical focus points for businesses as cyber-attacks become
more sophisticated: nearly half (46%) have adopted a greater
emphasis on employee education and awareness in the last 12
months.
Despite training and awareness initiatives, over a third (36%)
admit that employees use personal devices (BYOD) without proper
security measures, leaving businesses more vulnerable to targeted
cyber attacks like deepfakes.
Michelle McCarthy, Head of
Asia Pacific at ISMS.online, said:
"To see nearly a quarter of businesses already impacted by deepfake
attacks is worrying. These findings, alongside the vulnerabilities
associated with third-party suppliers, show that businesses must
ensure they have a strong information security posture. It's
promising that the majority are planning further financial
investment into their information security and supplier
management."
While AI-powered deepfakes present a growing risk to businesses,
more than four-fifths (84%) say the technology is improving
information security, and 69% expect to increase their spending on
AI and ML security applications.
"AI and deepfake technologies have evolved rapidly and continue
to do so at pace. As businesses consider implementing AI tools in
their information security operations, they must align with the
global regulations that will undoubtedly come into force over time.
Standards like ISO 42001, which encompasses AI use, will help
organisations show their ethical, compliant approach to AI to their
customers, regulatory bodies and partners."
Media Contact
Rebecca Harper, ISMS.online, 44
1273 704400, rebecca.harper@isms.online, ISMS.online
Twitter
View original content to download
multimedia:https://www.prweb.com/releases/nearly-one-in-four-australian-businesses-have-experienced-a-deepfake-information-security-incident-in-the-last-year-ismsonline-report-finds-302185731.html
SOURCE ISMS.online