Security practitioners in Asia Pacific are being kept busier than their global counterparts, with 46% of them having received more than 10,000 security alerts a day in 2019 compared to 35% globally. This was revealed in a recent study titled Cisco 2019 Asia Pacific CISO Benchmark Study.
According to Kerry Singleton, Cyber Security Sales Director for ASEAN, Cisco Global Security Sales Organisation (GSSO), APAC countries may be targeted due to the geopolitical issues in the region as well as issues around the levels of capability and cybersecurity maturity within the different nations.
This is the second year that Cisco has done the report, which surveyed around 2,000 security professionals from 11 countries in Asia Pacific, including six in the ASEAN region.
With a high number of cyber threat alerts, the real challenge lies in what comes after an alert is received: how many of the alerts are investigated, and how many of those found to be genuine are eventually remediated.
From that perspective, Kerry pointed out that businesses in Asia Pacific are struggling to cope with the sheer amount of security alerts they’re getting. For instance, only 44% of alerts were investigated, while the average number of legitimate alerts that were remediated dropped from 53% in 2018 to 38% last year. Even worse, they’re also facing longer downtimes, with 23% of organisations having to deal with over 24 hours of downtime following a severe breach. The global average for this is only 4%.
He believes that with the rise of 5G looming on the horizon and the proliferation of IoT devices, especially with manufacturing being a thriving industry in the region, the numbers are going to get much worse over the next few years if businesses don’t take the steps to better protect themselves. This is because hackers are no longer just targeting IT infrastructure, with 25% of respondents already having experienced OT (operational technology) cyber attacks last year.
As data and security laws and regulations continue to tighten up in other regions such as the US and EU, cybercriminals will surely set their sights on targeting organisations in emerging ASEAN countries where the laws aren’t as stringent. However, Kerry stated that some government-level efforts are being taken in a few ASEAN countries to improve these laws. This is important because, as seen in other regions, such laws will compel organisations to embed security more into their environment and report breaches should they occur.
As to why companies are struggling to orchestrate alerts, the report stated that 41% of APAC businesses are using security products or solutions from over ten different vendors, which has increased the complexity tremendously for security professionals. Hence, it’s not surprising that a whopping 88% of respondents said that managing their multi-vendor environment was proving to be a challenge.
Compared to last year’s study, businesses in certain countries are already moving towards consolidation and streamlining their vendors. Kerry commented that businesses would be able to respond to alerts better and reduce cyber fatigue through a more integrated, consolidated security architecture to enable automated response to cybersecurity breaches.
On this matter, Kerry said, “Complexity due to a multi-vendor environment and the increased sophistication of businesses with OT networks and multi-cloud adoption continue to challenge security practitioners in Asia Pacific. As organisations look to reduce the impact of a cybersecurity breach, they need a simplified and systematic approach to security in which solutions act as a team, and learn, listen and respond as a coordinated unit.”
“One way for organisations to simplify security is by considering a Zero Trust approach which looks at security in three key areas—workforce, workload and workplace. Doing so enables organisations to protect users and their devices against stolen credentials, phishing and other identity-based attacks, manage multi-cloud environments and contain lateral movement across the network,” he added.
The study also reveals key trends that have emerged in the region, such as:
The top three barriers to adopting advanced security:
· Budget constraints (35%)
· Lack of trained personnel (29%)
· Lack of knowledge about advanced security technologies and processes (29%)
The top three security risks:
· Ransomware (41%)
· DDoS (36%)
· Targeted attacks such as phishing and email spoofing (30%)
In addition, it includes recommendations based on the key findings to guide businesses on how security professionals can streamline their existing security tools and manage complexity, reduce cybersecurity fatigue levels, build a cyber resilience plan to reduce downtime, increase security awareness among employees and even how to get more budget in the boardroom.
You can read the full report here.