Businesses in Asia Pacific are still struggling with their security posture and need additional help to protect against threats.

According to a Trend Micro survey, 77% of APAC organizations expect to experience a breach of customer records in the next 12 months. With cyber threats compounding every year, one might expect the region to be better prepared for potential threats. So, where are the gaps and what’s perpetuating these expectations?

Trend Micro’s Cyber Risk Index (CRI) report measures the gap between respondents’ cybersecurity preparedness and their likelihood of being attacked.

For the first half of 2021, the APAC CRI revealed an elevated risk, compared to last year. Key APAC findings from the report include:

  • 83% said it was somewhat to very likely that they’d experience one or more cyber-attacks in the next 12 months, compared to 76% last time
  • 23% of respondents said they had suffered 7 or more breaches of customer data over the past year, up from 16% in the last report

CybersecAsia discussed these findings with Nilesh Jain, Vice President, Southeast Asia & India, Trend Micro:

In view of recent breaches – such as MyRepublic, Eye and Retina, and Starhub – what are some key strategies that cybercriminals have employed in recent attacks, and why?

Nilesh: With regards to the recent spike in attacks, we can observe two trends in the frequency of incidents and the profile of victims. Just this year, we’ve seen numerous attacks on local telecommunications or mobile operators, healthcare organizations, as well as insurance providers.

What these businesses have in common is the possession of highly sensitive and highly sought-after customer data. In fact, our latest survey reveals that 77% of APAC organizations expect to experience a breach of customer records in the next year.

Undoubtedly, one of the most common types of attacks we’ve witnessed in the last year is ransomware. In 2020, 89 ransomware cases were reported to Singapore’s Cyber Security Agency (CSA), with cases mainly coming from the manufacturing, retail, and healthcare sectors. This represented a significant increase of 154% in cases from 2019.

The severity and sophistication of these attacks have also evolved. In the last two years, we’ve seen the double extortion technique – defined by the threat to publicly release victims’ data – evolve to triple and even quadruple extortion techniques, wherein attackers directly contact victims’ customers through designated call centres to demand ransom.

According to Trend Micro’s data, Singapore is among many countries that have been consistently affected by post-intrusion ransomware attacks since 2019. Our data reveals that actors seem to be gravitating towards and repeatedly targeting countries where they have successfully launched attacks. This could explain why Singapore has been in the spotlight recently.

In your opinion, what are the top cyber risks organizations in APAC face today?

Nilesh: APAC organizations face a higher potential threat of cyber-attacks than other countries across the globe in large part due to the speed and scope of growth in the region’s digital use and connectivity. Our biannual Cyber Risk Index (CRI) report identified ransomware, watering hole attacks and malicious insiders as some of the key cyber risks APAC organizations faced in the last 18 months.

The type and severity of risks also vary across countries. In Singapore, for instance, the nation’s susceptibility to threats has increased year-on-year mostly due to concerns over infrastructure risk, which are being driven by higher risks across the board, such as watering hole attacks and malicious insiders, as aforementioned.

Overall, our CRI revealed an elevated risk across the region, in comparison to last year. This is unsurprising as more organizations across the region shifted to virtual workspaces during the pandemic, expanding their threat surfaces. We foresee that the risk surface will continue to grow with thousands of new vulnerabilities likely to be reported in both old and new applications and devices.

How prepared are organizations in the region in mitigating such risks?

Nilesh: According to Trend Micro’s CRI report, more organizations in APAC experienced cyber-attacks this year, when compared to the previous year:

  • 33% suffered more than seven cyber-attacks that infiltrated networks/systems, versus 18% in the previous report
  • 23% of respondents said they’d suffered more than seven breaches of customer data over the past year, up from 16% in the last report

With more organizations ramping up on their cybersecurity practices, one would assume that there would be fewer cyber-attacks reported. However, organizations in the region remain pessimistic – 83% of our CRI respondents admitted that it was somewhat to very likely that they’d experience one or more cyber-attacks in the next 12 months, compared to 76% last year.

The results show that businesses are still struggling with their security posture and need additional help to protect against threats.

What are some key factors that are impacting the cyber-preparedness of APAC organizations?

Nilesh: Today, the key factor impacting cyber-preparedness in APAC is the organizational misalignment between business and cybersecurity priorities. This has been a long-standing issue, with CISOs and business executives struggling to see eye to eye on business objectives. When there is misalignment in the boardroom, cybersecurity practices fail to be executed effectively and threat actors take advantage of this.

While corporate boards and executives are definitely more educated and involved than they were in the past and CISOs are more actively participating in business planning and strategy, there is still plenty of room for improvement. Our study indicates that nearly 70% of business and technology leaders believe that cybersecurity is entirely or mostly a technology area with little or no linkage to the business, while another 11% equate cybersecurity with regulatory compliance.

Based on our CRI report, APAC respondents also cited the following as key risk factors impacting their cyber-preparedness:

  • Lack of appropriate investments in leading-edge security technologies such as machine learning, automation, orchestration, analytics, and/or intelligence tools
  • Lack of involvement in threat sharing with other companies and government agencies

How should organizations in the region re-evaluate and elevate their security posture?

Nilesh: While organizations continue to prioritize cybersecurity and are making good progress in identifying and resolving vulnerabilities, there is always more that can be done. Effective cybersecurity requires a constant and proactive effort.

There are five ways organizations can elevate their security posture and address existing vulnerabilities:

  • Regularly update online infrastructures. Applying patches to systems, servers, and networks as soon as they become available will lower the number of flaws and exploits that target them.
  • Educate employees on cybersecurity preparedness. Make online cybersecurity training mandatory for every new employee. Businesses should update and repeat training regularly and make it a continuous process to combat cyber threats.
  • Integrate automated cybersecurity solutions to monitor your network, allowing security professionals to focus their efforts on high-risk threats. Additionally, automated cybersecurity solutions can help cut down incident response times and stop attacks from spreading across networks.
  • Employ multi-layered security defenses. Additional layers of security reduce an organization’s attack surface. Firewalls and intrusion detection and prevention systems, for instance, help filter malicious traffic and network activities.
  • Work together with the best cybersecurity partners to review and assess cybersecurity risk, posture and toolkits’ health on an ongoing basis, and ensure that these meet the requisite standards.

The evolution of cyber-threats demonstrates how quickly the landscape is transforming, and organizations in APAC cannot afford to be complacent. While it’s impossible to be completely immune, a comprehensive strategy that encompasses appropriate tools and response tactics before, during, and after an attack will ensure that an organization is adequately protected for years to come.