Regional Breach Readiness: Cisco 2018 Asia Pacific Security Capabilities Benchmark Study
Managing Director for Security, Asia Pacific, Japan & China
Thought Leadership, Digitization, Security
We have just launched our first deep dive report into breach readiness in Asia Pacific. In this study, we highlight the potential economic loss across the region due to cybersecurity incidents.
The most alarming news from the new study is that companies across Asia Pacific do not address half of the legitimate cyber threat alerts they receive. Also according to the study, Asia Pacific companies receive up to 10,000 threats a day, meaning six threats are received every minute.
The Cisco 2018 Asia Pacific Security Capabilities Benchmark Study, offers insights on cybersecurity practices from more than 2000 respondents across 11 countries, covering China, Korea and Japan in North Asia, the Southeast Asian nations of Singapore, Thailand, Philippines, Malaysia, Vietnam and Indonesia, Australia in the South and India. The research and insights are intended to help organizations respond effectively to today’s rapidly evolving and sophisticated threats. Here are the key Asia Pacific insights from our regional overview:
The cost of cyber attacks in Asia Pacific
The cost of breaches is no longer a hypothetical number. According to our study, 33% of respondents who suffered a breach said it cost them anywhere between US$1 million to $5 million, while 14% said the cost was more than US$5 million. This includes costs from lost revenue, loss of customers, and out of pocket expenses etc. Additionally, 51% of all cyberattacks in Southeast Asia resulted in a loss of more than US$1 million.
Breaches cause real economic damage to organizations, damage that can take months or years to resolve. Therefore it’s concerning that only 42% of executive leadership consider cybersecurity a high priority, according to the study. Cybersecurity must be a board-level conversation to make real progress.
Trust concerns from stakeholders rising
Cybersecurity incidents are undermining Asia Pacific organizations’ ability to gain confidence with their consumers and other stakeholders. 72% of study respondents remarked that greater privacy concerns from their customers is adding more time to their sales cycles. Nearly half say their sales cycle is delayed by more than a month. Executives also believe that scrutiny from stakeholders will start to rise over the coming year
Attackers are targeting operational technologies (OT)
The form of cyber attacks is also changing. Attackers are not just targeting IT infrastructure, but are now also targeting operational technologies (OT) that impact the day-to-day functioning and running of a business. 30% of organizations in the study have already seen cyber attacks along those lines, while 50% said they expect this to be the case moving forward. In addition, 41% of Asia Pacific respondents said their businesses would be affected if their operational infrastructure is compromised.
Complexity created by multiple vendors
Across the region, almost half of the surveyed organizations (47 percent) work with more than 10 security vendors, while 5 percent say they have more than 50 vendors in their environment. This creates complexity and increases vulnerability, as having different security products, can lengthen the time to detect and contain a breach.
Recommendations for Asia Pacific defenders
More needs to be done in the region to equip defenders with adequate tools – with 59% of respondents reporting that they’re experiencing cyber fatigue and have given up trying to stay ahead of malicious attackers. This regional figure is higher than the global figure of 46%.
To stay ahead of the attackers, we recommend that defenders consider:
– Adopting next-generation end point process monitoring tools
– Accessing timely, accurate threat intelligence data and processes that allow for data to be incorporated into security monitoring and eventing
– Implementing first line-of-defense tools that can scale, like cloud security platforms
– Employing network segmentation to help reduce outbreak exposures
– Reviewing and practicing security response procedures regularly
– Harnessing automation and scaling limited resources with technology.
Learn more by downloading and reading the Cisco 2018 Asia Pacific Security Capabilities Benchmark Study.