Cyber-Risk Worsens in New Zealand with 79% of Organisations Predicting Successful Attacks in Coming Year

Trend Micro's Cyber Risk Index finds preparedness is slowly improving

AUCKLAND, March 8, 2023 Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced that cyber-risk levels in Zealand worsen despite global levels improving from "elevated" to "moderate" for the first time..

To read a full copy of the Trend Micro Cyber Risk Index (CRI) 2H 2022*, please visit:

Mick McCluney, Technical Director at Trend Micro ANZ: "We saw the New Zealand cyber-risk index (CRI) decline from -0.12 in 1H 2022 to -0.15 in 2H 2022. This means there is still much to be done to improve cyber-preparedness, as employees remain a source of risk. The first step to managing this is to gain complete and continuous attack surface visibility and control."

The global cyber-risk index (CRI) instead saw an even more significant improvement, moving into positive territory at +0.01. The CRI also found that cyber-preparedness improved in Europe and APAC but declined slightly in North and Latin America over the past six months. At the same time, threats declined in every region bar Europe.

Most New Zealand organisations are pessimistic about their prospects over the coming year. The CRI found that most respondents said it was "somewhat to very likely" they'd suffer a breach of customer data (75%) or IP (74%) or a successful cyber-attack (79%).

The top four threats listed by respondents in the CRI 2H 2022 include:

  1. Business Email Compromise (BEC)
  2. Phishing and social engineering
  3. Botnets
  4. Fileless attacks


New Zealand respondents also named employees as representing one of their top five infrastructure risks:

  1. Data centres
  2. Mobile/remote employees
  3. Cloud computing infrastructure and providers
  4. Mobile devices such as smartphones
  5. IoT devices and applications


Dr. Larry Ponemon, chairman and founder of Ponemon Institute, said: "As the shift to hybrid working gathers momentum, organisations are rightly concerned about the risk posed by negligent employees and the infrastructure used to support remote workers. They will need to focus not only on technology solutions but people and processes to help mitigate these risks."

Based on the global survey results, the greatest areas of concern for businesses related to cyber-preparedness are:

People: “My organisation’s CEO and Board of Directors are actively involved in overseeing the IT security function.”

Process: "My organisation's IT security function doesn't have the ability to unleash countermeasures (such as honeypots) to gain intelligence about the attacker."

Technology: "My organisation’s IT security architecture has high interoperability, scalability and agility.”

*The six-monthly Cyber Risk Index was compiled by the Ponemon Institute from interviews with 3729 global organisations. The index is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk. It is calculated by subtracting the score for cyber threats from the score for cyber-preparedness.


About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fuelled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organisations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defence techniques optimised for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organisations to simplify and secure their connected world.

Media Contact:
Meshal Malik