As countries across the ASEAN region make a move towards digitalisation, cybercriminals will keep an eye on vulnerabilities that they can leverage on to launch a cyberattack. Without robust measures in place to mitigate cyberthreats, the top 1,000 ASEAN companies could lose an estimated $750 billion in market capitalisation. Such cybersecurity concerns could also undermine the region’s digital innovation agenda, which is critical for its success in the digital economy.
In an interview with UpgradeMag.com, Teong Eng Guan, Vice President for ASEAN at Palo Alto Networks, provides an overview of the current ASEAN cyber threat landscape and tips for businesses in the region.
What is lacking in ASEAN when it comes to cybersecurity?
Difficulty keeping up with rapidly evolving cybersecurity technologies, products and solutions is the primary barrier hindering organisations from ensuring secure cyber environments, according to almost half of the respondents in our report, ‘The State of Cybersecurity in Asia-Pacific’.
While cybersecurity spending and budgets have grown across the region, more advanced solutions such as two-factor authentication, anti-ransomware and biometrics all reported low adoption rates. In contrast, older, legacy systems such as antivirus and firewalls have the highest take-up rates in the region, indicating that more money does not always result in more or better solutions. We have observed the same trends within organizations in ASEAN as well.
Hence, a change in mindset towards cybersecurity is needed. With the majority of organizations in APAC (58 per cent) believing that a ‘detect and respond’ approach is more important than prevention, much more can be done to help organizations understand cyberthreats and the tools needed to effectively prevent them.
How much of an issue is legacy technology in the region?
While most organizations continue to rely on legacy cybersecurity solutions such as antivirus software, newer solutions such as biometrics and anti-ransomware rank relatively low (25% or less). Despite legacy solutions such as antivirus software being ubiquitous, security breaches continue to rise, indicating that a more holistic approach is needed.
The traditional “point product” approach to managing cyberthreats, aggregating individual security technologies – one on top of the other – to protect networks and data is becoming too expensive and complex to deal with today’s threats. Implementing a simple, coherent and automated security environment that focuses on prevention instead of multiple legacy systems can help reduce cybersecurity risk to a much more manageable level.
Is the perimeter of traditional defense obsolete? Should we look at only data protection or risk mitigation?
As the workforce evolves, organizations and their Chief Information Security Officers (CISO) have to adapt their cybersecurity approach to account for many new challenges. One such example is the growth of the IoT. With the implementation of BYOD policies, the lines between personal and corporate security are increasingly blurred with the ubiquity of connected wearables and devices. With these devices often paired with gateways to corporate networks, such as mobile phones and laptops, CISOs will need to address this convergence of personal and corporate cybersecurity as part of an evolving, multi-faceted solution.
This is just one of the many new challenges facing cybersecurity teams around the region. As such, effective prevention in today’s environment needs to be approached holistically, with protection across the network, data center, cloud and endpoint levels. Doing so not only requires a robust security platform that works across the entire digital ecosystem, but one that utilises automation and integrates seamlessly with third party apps in order to swiftly deal with dynamic cyberthreats.
How much more can businesses spend on security? Where should current security spending be looking to cover?
Following a spate of highly public cyberattacks in the region over the past couple of years, organisations have been sitting up and paying more attention to cybersecurity. Cybersecurity resource allocation is on the rise, with the majority (74%) of APAC organisations we surveyed devoting 5 to 15 percent of their total IT spend to cybersecurity. Complementing this, companies in many countries now also have dedicated IT security teams and manpower.
However, more can be done. Resources should continue to be invested in education with the lack of employee awareness about cybersecurity being cited as the biggest challenge facing organisations. While regarded as an internal threat, more than 60% of the professionals agree that this lack of awareness poses a cybersecurity risk for the organisation. Hence, increasing awareness as well as providing up-to-date training and continuous learning can go a long way as part of an effective, preventive approach to cybersecurity.
What important steps should ASEAN businesses take to secure their networks?
The pervasiveness of cyberthreats has brought up cybersecurity in boardroom discussions. However, cybersecurity is the responsibility of all employees in an organisation; and with a prevention mindset, risks can be minimised and better managed. The following pointers are effective behaviors organisations can adopt to get the most out of their investments in cybersecurity.
- Induct security awareness training across all levels of the organisation. Employee awareness and training is key to stopping negligence as it has historically been a successful attack vector into an organisation. Educating company personnel will make an attacker’s job more difficult, and they will be less likely to succeed.
- Replace duplicative and legacy technology with platforms that natively work together. As individual, siloed products often do not integrate well, utilising them increases costs and creates gaps that can be exploited.
- Leverage automation in your defenses to reduce the burden on security teams. If automation is incorporated into the security platform to enable low-level threats to be blocked, security teams are freed up to focus on more critical issues.
Is machine learning, deep learning or augmented intelligence going to keep us secure?
Like any new technology, machine learning, deep learning and artificial intelligence present opportunities for both cybercriminals and cybersecurity professionals. Cyberattacks have evolved to be heavily automated and can be launched with alarming frequency, making them almost undefeatable if dealt with manually. However, these technologies have also allowed us to fight fire with fire.
By incorporating automation and machine learning into security operating platforms, we can also get ahead of attackers. Machine learning can help accurately identify variations of known threats, identify patterns, predict the next steps of an attack and automatically create and implement protections across the organisation in near real-time. With machine learning, successful cyberattacks can be prevented, saving companies valuable time and data while ensuring private data is kept secure.
Having a holistic platform for cybersecurity that is built for automation can automatically create and enforce a full set of protections throughout the organization, to stop an attack from successfully progressing through its lifecycle, across the network, endpoints and the cloud.