Authored by: David Sajoto, Vice President of Sales for Asia Pacific and Japan, ExtraHop
Singapore has one of the most advanced public cloud markets in the Asia Pacific region. Analysts estimate that investments in public cloud solutions will reach USD3.6 billion by 2023 with platform as a service (PaaS) models expected to be the fastest growing segment of the market.
As a result of the COVID-19 pandemic, cloud investments have accelerated as remote working and business continuity measures were adopted across enterprise operations. Another outcome of the pandemic is an increase in the number of cyber crime incidents in Singapore, an alarming trend that is anticipated to extend beyond 2020.
Keeping infiltrators at bay
The recent rapid adoption of cloud solutions, combined with increasing complexity in corporate networks, is exposing organisations to a greater number of cyber threats. Cybersecurity teams are not adequately staffed to keep up with the increased demand on resources to stop attacks before they breach the network.
In a recent global survey of security and IT professionals at large organisations, which included respondents in the Asia Pacific region, ExtraHop found that 59 percent agreed that a lack of network visibility posed a high or very high risk to their operations. The flow of data across the network (i.e. east-west traffic) appears especially opaque, with just 17 percent of respondents stating they had high visibility into this lateral flow.
Insufficient network security staff and controls are having a negative effect: nearly two-thirds of survey respondents (64%) reported experiencing at least one compromise in the past 12 months. These are sobering statistics, given the potential economic and reputational consequences of a cybersecurity breach. An Accenture survey of more than 2,000 security professionals reveals that companies in Singapore spent an average of US$9.32 million in 2018 to recover from cyberattacks. The damaging consequences of cyberattacks that result in a breach are far-reaching, including business disruption and data and revenue loss. Establishing strong network security must be a top priority for APAC organisations.
Enhancing network visibility to secure the infrastructure
Improving visibility and eliminating blind spots allows security teams to improve their security posture, whether on-premises or in the cloud. Network data, when combined with machine learning, provides the situational awareness needed to identify, investigate and respond to potential breaches within minutes and hours, rather than weeks and months.
Most enterprises seeking to mitigate the risks associated with a decentralised and cloud-first computing model have deployed endpoint detection and response (EDR) and security information and event management (SIEM) solutions. However, networks are still being compromised as these solutions cannot capture the whole story. Endpoints can be tampered with and do not guarantee complete network coverage. Log data can be erased by attackers covering their tracks. In addition, when log data becomes too abundant or generates an excessive number of false alerts, the alerts are often disregarded as mere noise.
Network data is the source of truth that can’t be evaded or tampered with. When network data is monitored passively, attackers don’t even know they are being watched. When integrated with EDR and SIEM solutions, network data amplifies the effectiveness of your cybersecurity defences.
With a Network Detection and Response (NDR) solution, the alerts you see will identify events that you know you need to pay attention to. Monitoring network data will help to fortify your organisation’s security defences. With NDR, security professionals can take a more proactive approach with the intelligence they need to hunt down emerging threats, rather than simply reacting to them.
Moreover, reducing the attack surface can be a challenge for the many enterprises where time and skilled staff are both in short supply. Organisations should look for NDR solutions that automate processes and give analysts everything they need at their fingertips, so they can speed up the investigation process and focus on what is most important to stop an incident from becoming a breach.
Accelerate post COVID-19 recovery and growth securely
Companies in Singapore continue to invest in more advanced cloud solutions, the Internet of Things (IoT) and mobile computing to achieve efficiency and productivity following the economically devastating effects of the COVID-19 pandemic. Businesses aiming to get the most from these technologies need to prioritise network detection and response to gain a real-time view across enterprise networks, improve analyst efficiency to fight threats, and strengthen overall security.