Recent research conducted by ISMS.online reveals that nearly one-fourth of Australian businesses have faced a deepfake information security incident within the past year, demonstrating the escalating capabilities of sophisticated deepfake technologies to execute business email compromise attacks.
The study, titled “State of Information Security Australia Snapshot,” involved 506 information security leaders from a variety of sectors such as finance, technology, healthcare, manufacturing, education, and energy. This research aligns with the Australian Government’s ambition to establish the nation as a leader in cybersecurity, underscored by the Australian Cybersecurity Action Strategy.
Despite these aspirations, the findings indicate vulnerabilities; 75% of organizations reported being affected by incidents stemming from their supply chains, with data from partners (39%) being the most compromised type over the last year. As a precaution, 66% of the businesses surveyed intend to increase their investment in securing supply chain and third-party vendor connections over the next year, while 79% plan to raise their overall spending on information security.
The survey also highlighted the importance of training and awareness, with 46% of businesses enhancing their focus on these areas due to the increasing sophistication of cyber-attacks. Despite these efforts, 36% acknowledged that their employees use personal devices for work without adequate security measures, which exposes them to advanced threats like deepfakes.
However, there is a silver lining, as 84% of respondents believe that AI technology is bolstering their information security efforts, and 69% anticipate increasing their investment in AI and machine learning security applications.
Michelle McCarthy, Head of ISMS.online Asia Pacific, expressed concern over the prevalence of deepfake attacks and the associated risks from third-party suppliers. She emphasized the necessity for businesses to fortify their information security postures. McCarthy also noted the rapid evolution of AI and deepfake technologies, urging businesses to prepare for global regulations likely to be implemented in the future. She recommended adherence to standards such as ISO 42001, which covers AI usage, to demonstrate an ethical and compliant approach to AI that would reassure customers, regulatory bodies, and partners.
Source: australiancybersecuritymagazine.com.au
