The ExtraHop 2022 Cyber Confidence Index—Asia Pacific study reveals that 83% organisations in the region were breached by ransomware at least once in the past five years.
However, only 32% publicly disclosed that an incident occurred, while 48% kept it as private as possible. This is largely against the wishes of IT security personnel, of whom 66% feel it would be better to be transparent and public about ransomware attacks.
The research also states that 61% of organisations in Asia Pacific (APAC) expect cybersecurity budgets to increase in 2022. Despite that, growing cybersecurity budgets do not necessarily buy improved degrees of protection and confidence. Only 39% of IT decision-makers in APAC express a high degree of confidence in their organisation’s ability to prevent or mitigate cybersecurity threats.
This may explain why executives in the region do not back transparency or disclosure of incidents, as they cannot be confident history will not repeat itself. On average, APAC businesses that identify as ransomware victims will be infected—or reinfected—at least once a year.
With more APAC organisations innovating and adopting hybrid work, IT infrastructures remain vulnerable to past architectural decisions as legacy technology can provide ongoing opportunities for attackers to infiltrate networks and unleash ransomware attacks.
A lack of visibility and effective use of data has also contributed to organisations' obstacles in identifying vulnerabilities and preventing ongoing ransomware attacks. It is therefore not surprising that only 26% of teams can enact mitigations or apply a patch (where available) in under a day, with 60% taking up to a week.
See also: Tesla Cybertruck to go on tour in China to burnish tech cred
“Digital transformation is a journey, and organisations need tools to support both legacy infrastructure and new SaaS solutions—tools that provide visibility into their network, protocol use, and software behaviour so they can identify and stop an attack before it can compromise the business,” says Kenneth Chen, VP of Asia at ExtraHop.
Jeff Costlow, the company’s CISO, adds: “Leaders need to focus on their risk tolerance for their intellectual property (IP), data, and customer data and arm their teams with the tools and network intelligence that can help them defend their most critical assets. This survey reinforces the challenge organisations face in preventing attacks. Let’s arm defenders with the tools and forensics needed to prevent an intrusion from becoming a full-blown breach.”
To overcome those challenges, APAC organisations are looking at investing in network detection and response systems (42%) as well as implementing a social engineering strategy (47%) in the coming year. They also plan to implement staff threat training (46%) and increase dedicated internal security staff (40%).