While many institutions are now taking cyber security more seriously, the rapidly evolving nature of cybercrime means they must focus on dealing with attacks as well as preventing them.

“Cyber ​​resilience is an organizational capability – not a technological one – that improves an entity’s ability to achieve a desired outcome at any point in time,” said Joel Kamisar, regional director of McAfee MVISION Cloud for Asia Pacific.

“With the threat of cybersecurity compromise a reality for everyone, cyber resilience requires businesses to move from trying to avoid attacks to a position where they are able to reduce downtime and keep the wheels moving in the face of attack.’

Financial institutions are an extremely lucrative target because of their large repositories of customer financial data. McAfee saw an 89% increase in disclosed incidents affecting the financial sector in 2019. However, only a third of respondents surveyed by McAfee believe their organization is truly cyber-resilient.

"With the cyber threat landscape constantly evolving, there is no time for Australian organizations to be complacent," Mr Kamisar said.

"The low risk perception shown when it comes to data security breaches is indicative of a lack of awareness of the financial, reputational and operational impact a cyber incident can have in both the short and long term .”

The increasingly digital economy is also changing the threat landscape. Cryptojacking – targeting a victim's computer with coin-mining malware to mine cryptocurrency without their knowledge – is on the rise, with McAfee finding a 29 percent increase in incidents in Q1 2019.

"The worrying rise of cryptojacking is the new form of cybercrime hitting the financial industry and everyone from consumers to businesses [needs] to take a proactive approach to cyber security to combat these growing attacks,” Mr Kamisar said.