The threat landscape is growing every day, and so is the risk of suffering a demanding data breach. While a dedicated security strategy can keep organizations out of headlines, many are still plagued by disjointed response workflows and manual processes that slow down their mean time to detect and respond to real threats.
Commissioned by LogRhythm, Frost and Sullivan conducted a study to ascertain the level of security maturity among 400 enterprise IT decision makers in Asia-Pacific. Here are five major vulnerabilities troubling enterprises today:
1. Growing use of smart medical devices will expose critical systems to greater cyber risk
Over the past couple years, the healthcare industry has seen an increase in the use of IoT devices—this trend shows no signs of slowing. When coupled with the fact that healthcare records fetch higher bidding than other sensitive information on the dark web, it spells out a recipe for disaster.
The Asia-Pacific healthcare sector acknowledges that their networks have been breached before and believe they are at a high risk of future cyberattacks. The healthcare sector needs to invest in holistic security capabilities focused on safeguarding the large amount of sensitive data they possess.
2. Enterprises are not performing cyber risk assessments as often as they should
The longer the timeframe between risk assessments, the higher the risk of a data breach. Cyber risk assessments review the effectiveness of security tools, processes, and level of employee vigilance. Conducting regular cyber risk assessments can help reduce an organizations’ risk level and help fortify defenses against new attack vectors. Even the most comprehensive cyber defense infrastructures need to be regularly assessed.
It is encouraging to hear that Asia-Pacific enterprises are confident about their resiliency against cyberthreats. However, these enterprises must ensure that their sense of confidence is not misplaced by proactively conducting cyber risk assessment within their organization.
3. 75% of Australian CIOs and 85% of Singaporean CIOs anticipate a rise in cyberthreats in the next five years due to a shortage of skilled security professionals*
What is the biggest challenge enterprises face in maintaining security operations? Finding trained security professionals.
Machine learning-powered automation will be key to effectively handling indicators of compromise with limited qualified staff. Machine learning systems can help improve accuracy and efficiency in threat detection, leaving security professionals with more time for analysis of higher priority threat activity.
4. Asia-Pacific companies have weak investments in security intelligence and analytics
Of the $17 billion invested in the Asia-Pacific cybersecurity market, Security Incident and Event Management (SIEM) tools make up only $76 million. This pales in comparison to the $2.76 billion expenditure of the network security segment (network firewall, IDS/IPS, and SSL VPN).
It’s difficult to fully quantify the extent of damages a major breach can cause to an organization—loss of property, loss of workforce momentum, damaged customer confidence, etc. However the damages are counted, though, they will certainly exceed the cost of employing a sound SIEM platform.
5. More than half of organizations are either reactive towards threats or have multiple tools deployed piecemeal
A lack of integration and optimization of security tools prevents organizations from properly developing their cyber resiliency. Should they be hit by an attack, the impact would not be minimal. Implementation of security tools should not be done piecemeal, but through a tightly-integrated deployment to develop full visibility of threats.
“A passive stance and legacy threat detection software do not suffice if we want to win the war against cybercrime,” says Frost & Sullivan’s Industry Principal Analyst, Charles Lim. “To do this effectively, more enterprises need to shift from a reactive model focusing on perimeter defense tools to a holistic approach combining security intelligence, analytics, and human expertise. This is therefore no longer a choice, but a necessity.”
Discover more about the state of cybersecurity readiness in Asia-Pacific enterprises and what steps enterprises should pursue to achieve cyber resiliency based on their security maturity in the Exploring Cyber Security Maturity in Asia white paper.
*“Cyber-Security Threats Increase as Australian CIOs Face Talent Shortage,” Robert Half, Sept 6, 2016