Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

One in Seven Australian Businesses Doesn’t Test for Security Vulnerabilities: New Trustwave Report

Trustwave Research Survey Reveals Top Trends in Security Testing and Vulnerability Management

SYDNEY - Nov 30, 2016 - Trustwave today released a new report that shows many Australian businesses fail to conduct frequent security testing despite believing that it's critical to securing their systems and data. Lamentably, one in seven businesses surveyed admitted they don't do any security testing in spite of all respondents having encountered one of the dozen common security issues associated with security vulnerabilities.

The report is based on a survey of 200 security professionals who have knowledge about or responsibility for security testing within their organisations. Security testing is the process of testing databases, networks and applications for vulnerabilities that could allow bad actors to penetrate them and steal sensitive or confidential information, encrypt data, disable intended functionality, or otherwise cause harm.

Key findings from the " Australian Security Testing Practices and Priorities: A Trustwave Survey Report" include:

  • Most organisations are not proactive about security testing - Two in five organisations consider themselves to be "very proactive" in the context of security testing while another two in five are "somewhat proactive." However, nearly one in five organisations considers themselves "somewhat" to "very" reactive about security testing, or that their security testing posture is "non-existent."
  • Many organisations do no security testing - One in seven organisations has not conducted security testing of any kind during the past six months. Among those that do conduct security testing, 39 percent do so only monthly or less frequently, and many do not perform regular security testing after every infrastructure change. Nearly half of the organisations conduct security testing using a combination of in-house resources and third-party testing services, while just over one-third conduct security testing only in-house.
  • Many organisations find security testing a valuable best practice - Despite the fact that many organisations do not perform security testing, nearly 50 percent believe that security testing is a valuable best practice.
  • Security testing and reviews are infrequent and, in some cases, organisations are leaving it up to fate - Both security testing and reviews of these tests are not commonplace: only 14 percent perform detailed reviews of security testing to assess vulnerabilities on a daily basis and only 41 percent do so weekly or multiple times during the week. Meanwhile, 11 percent of the organisations surveyed perform these reviews only quarterly or annually, and 8 percent do so only when they perceive the need, creating a situation where businesses are simply guessing when to test their systems.
  • Security skills shortage and testing challenges abound - Among the leading security testing challenges discovered in the survey, the most commonly cited are inadequate staffing, insufficient budget and the shortage of skills to support regular testing.
  • Nearly one-third of organisations are turning to third parties for help with security testing - To address these issues, a large proportion of those surveyed are open to the idea of using third parties, like managed security services providers, to perform security testing on their behalf. Twenty-eight percent of those surveyed already do partner with a third-party for security testing, and another 38 percent plan to do so during the next year. Only 10 percent of those surveyed don't plan to use third-party security testing services.
  • No one is immune to cyber attacks - All respondents reported encountering one of the dozen common security issues associated with security vulnerabilities that were listed in the survey.

"Escalating cyber crime combined with the adoption of emerging technologies like mobility and Internet of Things as core business imperatives make regular security testing more important than ever," said Michael Gianarakis, Director, Asia Pacific, SpiderLabs at Trustwave. "Organisations need to look at both automated security scanning and in-depth penetration testing to identify where they're vulnerable and take preventative measures."

Download Report

To download a complimentary copy of "Australian Security Testing Practices and Priorities: A Trustwave Survey Report" which includes recommendations, visit:


Trustwave conducted this survey in October 2016 with 200 Australian respondents. To qualify for the survey, respondents had to be knowledgeable about and/or responsible for security testing in their organisations. The mean number of employees at the organisations surveyed was 1,439. A wide range of industries was included in the survey. The survey has a margin of error of +/- 8.7 percent.

About Trustwave

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit


All trademarks used herein remain the property of their respective owners. Their use does not indicate or imply a relationship between Trustwave and the owners of such trademarks.

Latest News Releases

Trustwave Honored with Leadership and Career Growth Awards

Chicago – June 19, 2024 – Trustwave, a global cybersecurity and managed security services leader, today announced it was awarded with two new Comparably awards: 2024 Best Companies for Career Growth...

Read More

Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments

Chicago, IL – June 4, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today announced an expanded portfolio of offerings designed to help organizations unlock the...

Read More

Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in Public Sector

Chicago – May 14, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today released a comprehensive report titled "2024 Public Sector Threat Landscape: Trustwave Threat...

Read More