Recent research commissioned by Vodafone has identified that 56% of New Zealand businesses experience IT security attacks at least once a year. Yet nearly half of all companies surveyed (45%) felt their business did not have adequate tools and policies in place to prevent or mitigate cyber threats.

Cyber Security NZ SME Landscape 2014 was commissioned by Vodafone and undertaken by Head of the University of Waikato’s Cyber Security Lab, Dr Ryan Ko, in conjunction with Colmar Brunton. The results were presented by Vodafone to an audience in Auckland.

The research found that primary industries (construction, trades services, agriculture, forestry and fisheries) have the poorest understanding of cyber security threats and are the least prepared.

Vodafone’s Head of Security, Colin James says: “The statistics are pretty alarming across the board but for the primary industries, it’s particularly concerning when you consider the huge importance of the sector to the New Zealand economy.”

Globally, Vodafone sees around 65 billion cyber-attack indicators against its own infrastructure per month but James says the company is also seeing a marked increase in the number of attacks within New Zealand.

“Geographical isolation isn’t a safety net against threats. Gone are the days when all you needed was a firewall or virus scan to secure your company’s private data. Threats are becoming more sinister and advanced in their capability; the players are the same, but the tools they have access to have evolved astronomically.”

Rapid increases in mobility also mean businesses must now grapple with securing information outside of the business environment. 83% of lost smartphones in 2014 resulted in compromised business data, but despite these statistics, six out of ten companies have no plans to increase their investment in IT security.*

“Business leaders and IT managers need to re-evaluate where information is sitting these days; who has access to it and what security policies they have in place to protect against and prevent attack,” adds James.

The future for true cyber security lies with the vigilance of IT decision-makers (to ensure their systems are capable), and network providers to build more intelligent infrastructure capable of acting on threats to protect not only an individual user, but the overall integrity of the network.

James continues: “We need to ensure information is protected, regardless of where it resides. Intelligent networks operate by understanding what devices are connected to it, who is using those devices, who and what they’re communicating with and what they’re talking about.

“Without this intricate knowledge, businesses run the risk of creating chinks in their armour and opening themselves up for attack.”