More than half of Australian companies believe they have very mature cybersecurity protections. But most are ignoring best-practice guidelines from the Australian Signals Directorate. Just 13 percent of IT-security professionals said their organisations were following the guidance of the ASD Essential Eight which are said to protect against more than 85 percent of cybersecurity attacks. Just 46 percent of companies run staff security training more than once per year. The results suggest compliance and governance take higher precedence in guiding Australian security investments and driving digital transformation than technological controls.”]