Cyber security now about mitigating risk
Digital transformation, insider threat and machine learning will have a significant impact on cyber security in APAC over the coming months, according to Sanjay Aurora, Darktrace managing director APAC.
“In 2015, we saw countries like Singapore and New Zealand introducing cyber security toolkits for SMEs - this is a good step in educating employees beyond the IT department on the sophistication and seriousness of today's threats,” Aurora says.
“In 2016, cyber security will move further toward the boardroom as a corporate issue and become a continual process of risk mitigation, rather than a problem left for the IT department to independently resolve.
“As a result, security professionals must become more conversant with business risks and business objectives, rather than remain as narrow and deep technological experts," he says.
Digital transformation: An opportunity and a risk
In 2016, APAC organisations will continue to embrace digital transformation - from network-connected smart TVs, photocopiers and air-cons in the boardroom for greater convenience, to the wider adoption of virtualisation and cloud, which enables employees to work anytime and anywhere using smartphones, tablets and even smart watches, Aurora says.
Smart City initiatives throughout Asia, alongside established projects like Songdo in South Korea, will drive a significant increase in the number of connected units or devices across APAC, which is expected to increase from 3.1 billion to more than 8.6 billion by 2020. This presents organisations with both a business opportunity and business risk, he says.
"Connected units or devices in industrial zones, office parks and shopping malls will no doubt improve efficiency, as well as reduce the cost of energy, spatial management and building maintenance, but this will come at the cost of increased vulnerability.
"Therefore, the most urgent concern is how to conduct business while maintaining the current levels of risk management, as networks become more open and complex, and more devices become interconnected.
“Businesses are expected to be able to keep information safe within flexible structures, but at the same time, they can no longer completely 'fortify' their online environments,” he says.
"Cloud servers, for example, will remove some risks relating to the build and configuration of a large numbers of servers and their ongoing maintenance.
“However, the cloud also allows mistakes to be made at an unprecedented scale and magnitude.
“A recent error that exposed more than a million healthcare records reminds us that using the cloud without proper cyber security safeguards can result in widespread damage," he says.
Insider threats: Most significant potentially damaging risk
As attackers increasingly obtain legitimate credentials from employees, customers, suppliers or contractors and exploit network access in ways that are difficult to predict, insider threat is likely to be the most significant and potentially damaging risk in 2016, according to Aurora.
"The US Office of Personnel Management hack in June and the recently reported VTech hack are sharp reminders that attackers are having an impact on trusted organisations at scales almost unimaginable.
“These incidents have shown us yet again that once perimeter defences have failed, many organisations remain blind to in-progress attacks for long periods of time, until the business and reputational damage becomes impossible to contain," says Aurora.
"We have also observed breaches within organisations that have gone unnoticed for up to 200 days, before the vulnerability was brought to light.
“On that note, companies need to accept the new reality - the threat is, by default, inside organisations, and must be kept in check by continual monitoring and advanced detection," he says.
Machine Learning: Key to proactive cyber security
According to Gartner, information security has become a priority for businesses, with worldwide spending on information security projected to reach US$76.9 billion by the end of 2015.
The research firm highlighted the emergence of new technologies, which provide contextual information and security intelligence, as key to improving organisations' understanding of today's evolving internal and external threats.
Due to talent shortages, more than half of APAC organisations are seeking data-driven security capabilities to plug the gap.
"Whether we're talking about start-ups, SMEs, MNCs or public sector organisations, the importance of digital information - as well as the need for pragmatic knowledge in securing systems and data - remain consistent.
“Across the board, we're seeing a high incidence of threat actors unlawfully claiming and using intellectual property. These threat actors, who are also targeting young and innovative companies, could very well walk away with entire businesses.
“Cyber threats are not just an expensive annoyance, but can deal devastating blows to creative concepts and competitive positions," says Aurora.
"In 2015, the capability of machines to provide a full view of and automatically learn what is normal and abnormal within a network, as well as identify in-progress cyber-attacks, has been an important innovation for the cyber defence sector, especially when it becomes humanly impossible to keep up with every component within an organisation's expanding network.
“In 2016, companies that aim to be successful in proactive cyber security will need to embrace this model of 'immune system' technology, which continually looks out for network abnormalities and alerts the security team in real-time, before serious damage is done," Aurora says.
Security professionals must become more familiar with business risk
Regionally, cyber-attacks are estimated to have cost APAC businesses US$81 billion in the past 12 months, according to Aurora.
To safeguard revenue, reputation and intellectual property, the issue of cyber security has become a common topic during boardroom discussions, with policies being constantly developed to address ongoing cyber threats.
Furthermore, 45% of boards now participate in the formulation of security strategy, with that number set to increase in 2016.