Top five cybersecurity red flags in APAC

Photo by Michael Geiger

Hackuity has shared its latest findings on current cyber threats, including the most critical red flags in Asia Pacific (APAC) and how businesses can defend against them. This comes amid a surge in cyber threats as attackers shift their focus to the region.

“Enterprises should double down on their cyber hygiene to ensure robust defence. At Hackuity, we observed that 80 per cent of breaches still come from a lack of basic cybersecurity hygiene and only 15 per cent of organisations are considered cyber mature, while more than half are still in beginner or formative stages,” said Pierre Samson, Chief Revenue Officer at Hackuity.

“Most cyber threats can be prevented with steady investments, top-down willingness, and awareness of the risks. It is important for organisations to invest in not only people and processes but also the right technologies that can make a difference.”

According to Hackuity, the main red flags are:

Advancements in Threat Intelligence and Response

Cyber threats are becoming more sophisticated, and organisations in APAC will likely need to invest in advanced threat intelligence capabilities to develop stronger incident response strategies.

With more constrained resources and increasing workloads, companies will look to automate massively to keep pace with attackers. This includes utilising and leveraging automation, artificial intelligence (AI), and machine learning to detect and respond to threats more effectively.

Continuation of Cloud Security Challenges

Secure configuration and management of the cloud environment, including strong access controls, encryption, and protection of sensitive data, will continue to be a top priority as cloud adoption grows in APAC.

Organisations will be seeking a single pane of glass to turbocharge their effectiveness and extract more value out of existing tools and investments.

Continued Shortage of Skilled Cybersecurity Professionals

What keeps CISOs awake at night? Demand for skilled cybersecurity professionals is expected to continue exceeding supply in APAC. Organisations need to invest in talent development and retention to bridge the skills gap and build a strong cybersecurity workforce, while exercising robust and intelligent cyber hygiene to automate tasks that go beyond human processing capabilities to rebalance practices and focus on people, processes, and technology.

Heightened Regulations

Governments play a key role in driving a holistic security approach across all sectors. In Southeast Asia, governments are rolling out a slew of data protection laws to secure critical governmental, organisational, and citizen data.

For instance, Singapore recently changed its Personal Data Protection Act to tighten rules surrounding the misuse of data and mandatory reporting, while Thailand’s legislation was updated in 2022 to mirror the European Union’s General Data Protection Regulation measures more closely.

Ever-Increasing Attack Surface

Considering the decade-long spike of mobile and versatile digital usage across regions – resulting in social and professional media explosion – the number of possible touchpoints and attack vectors has increased.

Hackers have revelled in this increase, as it has given them many more avenues to experiment with, more access to consumer data and a heightened ability to mine private and valuable data.

APAC retained the top spot as the most attacked region in 2022, accounting for 31 per cent of all incidents worldwide, according to IBM’s Security X-Force Threat Intelligence Index. The embrace of a hybrid business environment during the pandemic increasingly exposed IT systems to exploits by hackers using automation and artificial intelligence (AI) to enhance the frequency of attacks. The study showed that malware, which provides access to compromised systems, is used in 20 per cent of all cases.

Samson added, “The future of cybersecurity in APAC lies in continuous adaptation, the adoption of cutting-edge technologies, and the establishment of collaborative efforts between public and private sectors. Only by embracing these challenges and addressing emerging threats, the region can fortify their cybersecurity resilience through robust strategies and adaptive measures.”