Authored by: Goh Chee Hoh, Managing Director, Trend Micro Malaysia & Nascent Countries
Digital transformation across Malaysian enterprises has only accelerated over the years. In fact, 46% of Malaysian firms are now transforming digitally. Critically, more are planning to do the same, as mandated in the MyDigital Initiative, which aims to make Malaysia technologically advanced and digitally driven by 2030, and in line with the 12th Malaysia Plan, whose aims include pushing the country into Industrial Revolution 4.0.
These efforts are commendable because digital is the way forward. But there is one big problem: Digitalisation and the increasing reliance on advanced technologies are exposing enterprises to threats that are growing not only in number, but also in sophistication. This is the stark reality that Trend Micro has observed, with threats largely moving in tandem with changes to the IT infrastructure of organisations.
These changes, along with trends such as working from home, have greatly expanded the corporate attack surface, thus necessitating a renewed focus on cybersecurity. With this growing vigilance against threats of any kind, security leaders are demanding enhanced visibility, detection and response across the entire enterprise, not just on endpoints.
Keeping Pace With a Cybersecurity Landscape That Is Growing More Complex
Cybersecurity is a daunting challenge in itself, and it is further complicated by a subset of challenges. Most notable of these challenges are the following:
Gaps in Cybersecurity Talent
While cyber threats are growing in number and sophistication, the pool of highly skilled cybersecurity talent is not. This has been a major concern among organisations everywhere in the world, and it continues to be today. Curiously, there is a talent gap even here in Malaysia, which has consistently been ranked by the Global Cybersecurity Index as among the countries with the highest commitment to cybersecurity.
Malaysia needs approximately 20,000 cybersecurity professionals by 2025 to support the cybersecurity needs of different organisations across industries. The country, to be fair, has been proactive about this, with the Malaysia Digital Economy Corporation, for instance, partnering with the Asia Pacific University of Technology & Innovation for specialised programs in digital and cybersecurity. Businesses in the country need such programmes and initiatives to succeed; otherwise, that cybersecurity talent gap will only widen and result in lean security teams lacking the know-how to stay ahead of threats.
Having Too Many Siloed Security Tools
The sheer sophistication of cyber threats makes it very difficult for organisations to get accurate and timely threat detection and investigation. That alone is daunting, and it is compounded by the fact that more than a few organisations are using cybersecurity solutions that do not provide the speed and broad visibility throughout the enterprise’s connected infrastructure.
The result is often a glaring lack of synchronisation, where time-sensitive security incidents are met with across-the-board inefficiencies and duplicative tools. These are detrimental to cybersecurity and waste resources and money.
Additionally, having multiple cybersecurity products typically results in the production of an overwhelming amount of data, which consequently consumes a considerably large amount of resources, time and finances to effectively maintain and analyse. This only adds to the already significant demands placed upon the security team.
Overwhelmed Security Teams
With security threats evolving to become more sophisticated and complex, security teams, who are already overwhelmed by the volume of threats, are tasked with the daunting responsibility of triaging and investigating threats with narrow and disconnected attack viewpoints.
Globally, growing cybercrime and understaffed security teams have left staff feeling overwhelmed, with 54% of security operations teams Trend Micro surveyed reporting that they are drowning in security alerts. This alert overload is, in turn, adversely affecting the quality of life of these teams, 70% of whom admit to being emotionally affected by their work. In particular, many report that they are stressed to the point that they can no longer relax, unable to find downtime because they cannot “switch off,” and easily irritated even in the presence of family and friends.
As a result, multiple members of security teams have admitted to ignoring alerts completely (40%), walking away from the computer feeling overwhelmed (43%), turning off alerts entirely (43%), assuming that alerts are just false positives (49%) and hoping that other team members will address the alert (50%). Add in how stress compromises the actual quality of work and the result is a recipe for cybersecurity disaster, with the security team waiting on one another to deal with incidents, team members just ignoring alerts that can potentially be incoming threats, and everyone too tired and out of it to do their job well.
This is where the role of Extended Detection and Response, also known as XDR, comes in to help enterprises overcome these challenges.
The Value of XDR for Enterprises
Extended Detection and Response is a natural evolution of detection and response beyond the current point-solution, single-vector approach. It veers away from the traditional and still commonplace Endpoint Detection and Response (EDR), which, while enormously valuable for the longest time, is now severely restricted. The reason is that it can only detect and respond to threats inside managed endpoints, thus limiting the scope of threats that can be detected as well as the view of who and what is affected.
In contrast, XDR takes a holistic approach to detection and response by collecting and automatically correlating data across multiple security layers: email, endpoint, server, cloud workload and network. This breaks down silos and enables faster detection of threats, enhances investigation capabilities, and improves response times through security analysis. Consequently, an organisation’s security team is equipped not only to take quick action through investigation but also to do more.
These investigations, critically, are insightful, with teams able to make logical connections from the data provided within a single view. Such data will include:
How the user got infected.
What was the first point of entry.
What or who else is part of the same attack.
Where the threat originated.
How the threat spread.
How many other users have access to the same threat.
It goes without saying that XDR is the standard in security today, and it is a crucial component in Trend Micro Vision One. This purpose-built threat defence platform, though, goes beyond any other XDR offering, providing visibility across not just endpoints but also email, servers, cloud workloads and networks and using powerful security analytics to correlate data with Trend Micro’s global threat intelligence.
What Experts Are Saying
Trend Micro was recently named a Leader in The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021 report, scoring highest in the current offering category. Other key findings from Forrester’s report include the following:
Trend Micro Vision One had differentiated scores in 7 out of the 10 individual evaluation criteria—visibility, detection, investigation, product architecture, threat hunting, product security, and product vision.
It offers strong cross-telemetry detection, investigation, and response.
It is the best fit for companies that need a robust, easy-to-operate security suite.
It has loyal customers confident in the security efficacy of the Vision One platform, citing Trend Micro’s roadmap transparency and above-and-beyond customer support as key to its success.
Cybersecurity Must Be Top of Mind
Between attack surfaces expanding due to digital transformation and threats growing in number and sophistication, organisations will need to focus on cybersecurity—or else get exposed needlessly to malicious actors. To that point, enterprises in Malaysia must leverage advanced tools that enable detection and response beyond the endpoint.
Only when enterprises put in place the right, holistic cybersecurity tools can they undergo a successful digital transformation journey to stay in line with the trajectory of Malaysia’s growth into a digital-dominant society. And that is exactly the promise of Trend Micro Vision One, whose potential to elevate the security capabilities of organisations is underpinned by the above-mentioned recognition from Forrester.
To dive deeper into how XDR can help security teams detect earlier, respond faster, and reduce alert fatigue, catch the free, on-demand recordings of 100+ expert-led sessions, including 26 sessions on XDR, from our recently concluded virtual event, CLOUDSEC 2021, here: https://www.cloudsec.com/.