New Research Reveals Over Half of Cybersecurity Incidents in Australia Occur Due to Unmanaged Assets
Trend Micro evaluation highlights alarmingly low use of attack surface management tools
Posted: Thursday, May 01
  • KBI.Media
  • $
  • New Research Reveals Over Half of Cybersecurity Incidents in Australia Occur Due to Unmanaged Assets
New Research Reveals Over Half of Cybersecurity Incidents in Australia Occur Due to Unmanaged Assets

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced new research* revealing a worrying disconnect between recognition of attack surface risk and use of specialised tools to manage that risk. Trend announced the findings at the RSA Conference in San Francisco.

To learn more about Trend’s latest research, visit: https://www.trendmicro.com/explore/aichangingcyberrisk

The global study of over 2,000 cybersecurity leaders revealed that 60% of Australian leaders have experienced security incidents due to unknown or unmanaged assets. The number of these assets has rapidly increased with the proliferation of generative AI and the increased complexity that comes with it, as well as continued growth in the number of IoT devices used in offices and employees’ homes. 

As a result, 87% of Australian respondents acknowledged that attack surface management is either directly or somewhat connected to their organisation’s business risk. A large share also recognised that failing to manage risk across exposed assets can have significant negative impacts beyond immediate security threats, including:

  • Financial performance (45%) 
  • Customer trust/ brand reputation (42%) 
  • Employee productivity (42%)
  • Operational continuity (38%)
  • Regulatory compliance and legal risks (36%)
  • Market competitiveness (33%) 


However, despite this apparent recognition, just 45% of Australian organisations use dedicated tools to proactively manage risk across their attack surface, the study revealed. Over one-third (38%) said they do not have a continuous monitoring process in place—a must in order to mitigate and contain risk before it can impact operations. 

On average, only 23% of responding Australian organisations’ budgets are dedicated to managing attack surface risk, yet over three-quarters (80%) of companies claim that their current resources are adequate for addressing these challenges. 

Andrew Philp, ANZ Field CISO at Trend Micro: “As far back as 2022, organisations globally – including here in Australia – were becoming increasingly concerned that their cyber-attack surface was spiralling out of control. That concern is even more pressing today. Yet while many local organisations understand the impact this has on operational and reputational risk, there remains a concerning gap in proactive, continuous risk mitigation strategies. Managing cyber risk exposure must become a strategic priority for all Australian businesses.”

Against this backdrop, Trend’s survey has found that artificial intelligence (AI) is emerging as a powerful enabler in the fight against cyber threats. Over half (62%) of Australian respondents are currently leveraging AI-driven tools as part of their cybersecurity strategy, as a strong majority (84%) emphasised the importance of utilising AI for predictive analytics and threat intelligence. Despite this, nearly half (48%) indicated a need for more information and assurances to encourage further consideration and action in this area.  

As almost two-thirds (61%) of Australian businesses don’t actively monitor and manage their attack surface in real time, this year’s Trend Micro World Tour 25 has the theme “Proactive Security Starts Here.” The flagship events will kick off in Sydney on May 7, followed by seven stops in Melbourne, Perth, Adelaide, Brisbane, Suva, Wellington and Auckland. It will bring together Australia’s top cyber leaders to share exclusive insights into adversary tactics, proactive security, and next-generation SOC strategies.

*Trend Micro commissioned Sapio Research to interview 2250 individuals, including 100 respondents in AU, with responsibility for IT and/or cybersecurity—across multiple verticals, organisation sizes and 21 countries in Europe, North America and APAC.

Share This