Close this search box.

Cyber head questions “under-reported” risks


Via Insurance Business Australia

The head of a specialist cyber security firm has questioned the accuracy of recent data published by the government, saying one of the most significant threats appears to be under-reported.

Ahmed Khanji, CEO of Gridware Cybersecurity, suggested figures collated by the Office of the Australian Information Commissioner (OAIC) may not truly represent the risk of insider threats.

The latest OAIC statistics found malicious attacks were responsible for 57% of notifiable data breaches (NDBs) while human error was responsible for 37%.

However, Khanji’s research pointed to insider threats as a more pressing risk.

“Contrary to what’s being reported to OAIC, we’ve found employees are the greatest threat,” he told Emergence Insurance’s latest webinar for brokers. “Consider who has access to your customer lists and email contacts.”

A global study conducted by Willis Towers Watson and ESI ThoughtLab earlier this year found that 87% of executives viewed untrained staff as the greatest cyber risk to their businesses.

Despite this, staff training was found to have made minimal progress when measured against the US-developed, voluntary National Institute of Standards & Technology’s cyber security framework.

“As humans, we keep finding new ways to make mistakes,” said Gerry Power, head of sales at specialist cyber insurer, Emergence. “But, with sound risk management in place, many breaches can be prevented.”

Power also reiterated the risks around poor employee training, and called for better education.

“Employees are the last line of defence, they must be educated to identify such things as dodgy emails and suspicious invoices,” he said.

Author picture

Gridware is one of the leading cybersecurity providers in Australia, delivering world-class outcomes for our clients. We are uniquely positioned as an independent advisor, giving clients the confidence that they have mitigated their cybersecurity risks to best-in-class standards. If your organisation requires an approach to cybersecurity that is robust and reflects best-standard approaches to the latest threats, get in touch with us today for a discussion.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →