APAC companies face rising cyber threats in container use
A recent study conducted by cybersecurity firm Kaspersky has revealed that a staggering 89% of geo-distributed companies in the Asia-Pacific (APAC) region utilising container development methods have experienced cybersecurity incidents over the past year. The research highlights the severe consequences these attacks have had on organisations, including confidential data leaks (42%), financial losses (49%), and decreased customer trust (34%).
In the study titled "Managing geographically distributed businesses: challenges and solutions," Kaspersky collected insights from IT security experts, information security professionals, and C-level executives working for geo-distributed companies. These respondents detailed the network security challenges faced when building and maintaining multi-site infrastructure, especially in hybrid cloud and containerised environments.
Kaspersky's findings indicate the widespread adoption of container development methods among companies in the APAC region. An overwhelming 94% of businesses with multi-site networks have in-house IT development teams, and of these, 87% employ container development techniques. However, the reliance on containers and Kubernetes has exposed many of these organisations to significant cybersecurity risks.
The causes of these security breaches were varied but pointed towards common issues inherent in the container development process. Errors in configurations were cited by 40% of respondents as the primary cause of attacks, while 34% attributed the incidents to flaws in runtime security processes. Additionally, 29% highlighted the late detection of malware within containers as a critical factor.
Timofey Titkov, Head of Cloud & Network Security Product Line at Kaspersky, emphasised the serious implications these cybersecurity incidents pose for geo-distributed enterprises. He stated, "The findings from our study underscore the critical importance of implementing robust security measures to safeguard against confidential data leaks and other cyber threats in hybrid cloud and containerised environments. As organisations continue to expand their digital footprint, proactive security measures are essential to mitigate risks and maintain customer trust."
Kaspersky recommends several strategies to protect containerised environments effectively. These include the use of specialised solutions for container security, like Kaspersky Container Security, which is designed to ensure protection across all stages of containerised application development. This solution can serve as an initial step towards implementing complex DevOps and cloud security measures. Kaspersky also plans to introduce Kaspersky Cloud Workload Security, an ecosystem providing comprehensive protection for cloud infrastructure, including hosts, virtual machines, cloud instances, containers, and Kubernetes. This integrated approach is aimed at reducing costs and resource consumption while enhancing overall security.
The full report by Kaspersky, which includes more detailed findings on the challenges facing geo-distributed companies, is available publicly. For businesses operating in the APAC region and beyond, the insights gathered in this study offer a clear call to action: bolstering cybersecurity frameworks must be a priority to mitigate the risks inherent in modern, distributed, and cloud-based work environments.
As digital transformation continues to accelerate, organisations must remain vigilant and invest in robust security solutions to guard against the evolving landscape of cyber threats. The findings from Kaspersky's study serve as a crucial reminder of the importance of advanced security measures in protecting sensitive data and maintaining trust in an increasingly interconnected world.