Despite aggressive cybersecurity measures, data breaches continue to affect over half of all organizations. This leaves companies and their customers at risk for identity theft, fraud, and other malicious activities. Fortunately, there are steps that businesses can take to protect themselves from these threats. By understanding the nature of today’s cyberattacks and implementing the appropriate countermeasures, companies can significantly reduce their chances of becoming victims.
According to the data threat report by the Thales Group, 32% of APAC respondents have reported having experienced cybersecurity breaches in the last 12 months. More findings are discussed below.
Increased ransomware and malware attacks
- Out of the 45% of respondents who saw an increase in cyberattacks, 58% have reported an increase in ransomware attacks, 57% saw increased malware attacks and 45% reported increased denial-of-service attacks. With ransomware attacks on the rise, a centralized formal plan that ties together security operations, legal and senior leadership teams should be a first when it comes to coordinating a coherent response.
- However, only 47% of respondents have a formal ransomware response plan that they would follow. Despite increased cyberattacks, 77% of APAC respondents and 79% of worldwide respondents trusted their organization with their data.
Continued remote working
- As most organizations extended remote working for employees the concerns about security risks prevail, with 33% of APAC respondents being ‘very concerned’ and 47% being ‘somewhat concerned’ about the cyber threats.
- 24% of employees said they were ‘highly confident’ in their current remote access security solutions. 34% of them were ‘significantly confident’ and 26% were ‘slightly confident’ whereas 16% said ‘not at all confident’.
Zero trust strategies
- The formal zero-trust security strategy in APAC was down by 6% this year against 2021. In 2022, only 28% of APAC respondents said they have a formal strategy, whereas it was 34% in 2021. Another 28% of respondents were in the process to develop a formal zero-trust security strategy.
- In the APAC region, 48% of respondents relied on ‘some concepts’ of zero-trust to shape their overall cloud security strategy, while 30% of respondents said that zero trust has shaped their cloud security strategy to a ‘great’ extent. Considering all global respondents, 47% relied on ‘some concepts’ of zero trust while 34% said zero trust shapes their cloud security strategy to a ‘great’ extent.
- As the cloud adoption trend is being seen worldwide, APAC is no exception with 51% of respondents having at least 40% of their data in the cloud, and 19% having over 60% of their data in the cloud.
- In 2022, the gaps in cloud protection have reduced compared to the previous year with 48% of respondents having at least 40% of their sensitive cloud data encrypted, and 21% having at least 60% of their sensitive cloud data encrypted. Although incidents of security breaches continue to be high, it has reduced compared to the previous year. In 2021, 37% of respondents experienced a breach or failed an audit involving cloud data and applications whereas, it improved to 33% in 2022.
- 51% of respondents agree that cloud privacy and data protection regulations are more complex to manage than on-premises environments.
- Regarding defining and enforcing cloud security strategies, 47% of APAC respondents said that a security team defines policies while enforcing them is at the discretion of the individual developer or application owner. 38% of respondents said that policies are centrally defined and enforced by the security team.
- 31% of APAC respondents use more than 50 SaaS applications, and 16% use more than 100 SaaS applications while only 3% reported using more than 500 SaaS apps. SaaS being delivered in API form, the expected heterogeneity of cloud usage increases concerns about managing encryption keys and identities across multiple providers.
Security strategies must be able to adapt quickly enough so that they can keep up with the rapidly changing world, but also have some flexibility in order to deal with hybrid infrastructure and applications. Hybrid environments can be a great way to keep your business running smoothly, but they come with some challenges. Hybrid cloud computing is layered on considerable complexity, and this makes it difficult for security professionals who want their work done quickly without any hassle. Security teams must employ the best suitable cybersecurity solutions to manage the challenges and complexities coming with multi-cloud adoption.