Global cyber security company, Fortinet, has released a report detailing the latest threats to security operations (SecOps) across Asia-Pacific. The study was conducted by IDC and presents a compelling snapshot of the current state of cyber security, including threats, attack frequency and impact, detection and response times, and the impact of Artificial Intelligence (AI) and automation on SecOps.
Analysing prevalent security practices and numerous challenges faced by SecOps teams, the report highlighted phishing and ransomware as the most predominant cyber threats in Singapore, with over 50% of organisations ranking them as top concerns. Other key threats identified include unpatched vulnerabilities, identity theft and insider threats, with ransomware incidents doubling across the city-state over the past year.
Alarmingly, remote work environments have led to increased concerns about insider threats, with 82% of respondents indicating that this has become a more significant issue. Factors said to contribute to the rise in insider threat incidents are insufficient training, lack of employee care, and inadequate communication, underscoring the need to address human factors in cybersecurity.
However, only 44% of businesses reported having dedicated IT resources for security. This lack of resources presents additional challenges for organisations striving to bolster their security measures. Furthermore, cloud technology adoption poses considerable challenges, potentially increasing an organisation's vulnerability to cyber threats.
Meanwhile, 44% of the surveyed organisations expressed concerns about being inadequately prepared for threat containment, and alarmingly, three out of four organisations reported not conducting regular risk assessments, exacerbating the difficulty of timely threat detection. More than 50% of the surveyed enterprises are grappling with alert fatigue, with suspicious emails and malware or virus detections causing the majority of alerts.
The report reveals that on average there is only one SecOps professional for every 190 employees, each managing approximately 30 alerts daily. This workload highlights significant pressure on cybersecurity professionals, and underscores the necessity for efficient processes, automation, and prioritisation.
Interestingly, the report uncovers a significant interest in the adoption and untapped potential of automation in SecOps. With 80% of organisations having adopted automation and orchestration tools in their security operations, despite this widespread adoption, the full potential of these technologies is yet to be harnessed fully.
The study reveals that around 80% of respondents reported significant productivity gains, with at least a 25% improvement in incident detection times attributed to automation. Looking ahead, 90% of organisations across Singapore express their intent to implement automation and orchestration tools within the next 12 months.
Simon Piff, Research Vice-President at IDC Asia-Pacific, emphasises the importance of organisations embracing automation strategically. "Securing modern IT infrastructures requires a continuous commitment to vigilance, proactivity, and adaptability amid challenges posed by hybrid work, AI, and cloud technologies," he said.
Rashish Pandey, Vice President, Marketing & Communications, Asia and ANZ, Fortinet, highlighted how automation plays a vital role in promptly identifying and responding to cyber threats. He noted that, "Our commitment to empowering organisations in navigating the dynamic cybersecurity terrain is showcased through innovative solutions," citing significant improvements in detection and containment times, team productivity, and reduction in expected breach costs.