Workers who click on dicey email links or rogue attachments cause close to half of all cyberattacks on Australian companies.
And insiders are responsible for three times more successful attacks than external hackers, according to Telstra’s first comprehensive cybersecurity report.
The telco surveyed more than 350 IT security managers from a range of industries including banking, retail and mining.
It found 41 per cent had dealt with a major security breach in the past three years, with 15 per cent of companies unsure how it happened.
Oil, gas, government, IT and telecommunications emerged as the most frequently-targeted sectors and mining companies said incidents happened at least monthly.
“The loss of valuable data, such as intellectual property or sensitive commercial information, can severely damage reputations,” said co-author John Ieraci, Telstra’s security director.
About four in 10 firms considered themselves well-prepared to respond to an attack, but fewer than a third plan to boost their security spend in the coming year.