Why ASEAN Firms Need to Take Their Cybersecurity Defenses to the Next Level

Most ASEAN organizations face more than 5,000 cybersecurity alerts each day.

Southeast Asian (ASEAN) organizations are likely to be overwhelmed by the demands of managing cybersecurity, based on recent research that shows cybersecurity breaches cause them longer downtimes and higher financial costs compared with the global average.

The 2019 Asia Pacific CISO Benchmark Study by Cisco found ASEAN firms confront a relentless onslaught of cyberthreats, with most receiving far more than 5,000 security alerts every day. In Indonesia, Malaysia and Singapore, a quarter of organizations receive 100,000 security alerts or more each day, compared with a global average of 14%. In contrast, in Vietnam, Thailand and the Philippines, 17% to 21% of organizations receive more than 100,000 alerts a day.

This high volume of alerts has seen ASEAN firms experiencing growing levels of cyber fatigue, with organizations in Thailand reporting the highest levels (63%) and Indonesia the lowest (35%), compared with 30% globally.

“With the growing velocity and sophistication of cyberthreats, the real challenge lies in what happens after the alert is received,” says Kerry Singleton, Cisco’s Cybersecurity Sales Director for ASEAN. “The study found that ASEAN professionals are often overwhelmed with the volume of information and don't have the resources, either in people or time, to proactively respond to the alerts―something we term cyber fatigue.” 

Cyber fatigue occurs when defenders essentially give up trying to stay ahead of malicious threats and actors. It is a sign that security teams have become overwhelmed by the amount of security alerts they receive and are constantly putting out fires, rather than proactively building an effective security strategy.

While ASEAN firms face an onslaught of security threats, they have taken steps to resolve cybersecurity breaches quickly. The Philippines claimed the top spot in terms of alerts that get investigated (57%), while Malaysia and Singapore had the lowest percentage (45%), a figure close to the global number (43%).

Downtime dents profits and productivity 
The goal following any data breach is to get operations back to normal as quickly as possible and ensure that the attack has been completely remediated from all systems. ASEAN firms are severely impacted by cybersecurity breaches, as downtime―where systems are unavailable for use―is a far bigger problem than in other parts of the world.

Vietnamese organizations had the worst record of downtime, where nearly half (48%) had downtime of 17 or more hours after their most severe breach. In contrast, organizations in Indonesia faced the lowest levels of downtime, with 19% experiencing more than 25 hours of downtime in the past year, compared with 4% globally.

Challenges of a multi-vendor environment
For many organizations, managing cybersecurity defenses is a challenge because they have little inkling as to the number of vendors or products within their environments. Among ASEAN countries, Thailand has the highest percentage (55%) of organizations that use more than 10 vendors, while Vietnam has the lowest number (31%), as compared to 39% globally. 

Unfortunately, many find it difficult to orchestrate multi-vendor alerts, which could have an effect on cyber fatigue. As such, organizations should focus on integrating and streamlining existing security tools to try to combat this. Cybersecurity teams that act as a coordinated unit can respond quickly and effectively and eliminate wasted effort.

“Cybersecurity professionals need to fundamentally rethink many of their processes to ensure they can effectively keep up with the constant battle with cyberthreats,” Singleton says.

He recommends adopting a zero-trust approach to restrict users to accessing only those areas that are approved and relevant to their duties. That would counter unpredictable user behavior, which can result in identity-based attacks. Another recommendation is to have a cyber-resilience plan in place.

“A cyber-resilience plan that is tested regularly and employees understand is crucial to alleviate downtime and costs after a breach,” says Singleton. The plan should have a leader, with allocated roles and responsibilities for analysis; for communication with the team, customers and press; and for setting up remote working. In addition, the plan should allow fluidity, to incorporate the latest threats, as well as a backup plan in case a key team member is away. 

“It is clear that organizations need to strategize and take proactive steps to fortify against cyberthreats,” Singleton says. “There is no doubt that the volume and complexity of threats will increase. The question is whether the organization is prepared.” 

Get deeper insights to simplify your security environment, build a cyber-resilience plan and address the security skills gap with the 2019 Asia Pacific CISO Benchmark Study.
