This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Based on industry observations and interactions with customers and partners across the APAC region, Sanjay Aurora, Managing Director, Darktrace APAC, shares four key cyber security observations for organisations in 2016:
1. Digital Transformation Both a Business Opportunity and Business Risk
In 2016, APAC organisations will continue to embrace digital transformation - from network connected smart TVs, photocopiers and air-cons in the boardroom for greater convenience, to the wider adoption of virtualisation and cloud, which enables employees to work anytime and anywhere, using smartphones, tablets and even smart watches.
Smart City initiatives in China, India and Singapore, alongside established projects like Songdo in South Korea, will drive a significant increase in the number of connected units or devices across APAC, which is expected to increase from 3.1 billion to more than 8.6 billion by 2020. This presents organisations with both a business opportunity and business risk.
Aurora said: "Connected units or devices in industrial zones, office parks and shopping malls will no doubt improve efficiency, as well as reduce the cost of energy, spatial management and building maintenance, but this will come at the cost of increased vulnerability. Therefore, the most urgent concern is how to conduct business while maintaining the current levels of risk management, as networks become more open and complex, and more devices become interconnected. Businesses are expected to be able to keep information safe within flexible structures, but at the same time, they can no longer completely 'fortify' their online environments."
"Cloud servers, for example, will remove some risks relating to the build and configuration of a large numbers of servers and their ongoing maintenance. However, the cloud also allows mistakes to be made at an unprecedented scale and magnitude. A recent error that exposed more than a million healthcare records reminds us that using the cloud without proper cyber security safeguards can result in widespread damage,"
2. Insider Threat the Most Significant and Potentially Damaging Risk in 2016
As attackers increasingly obtain legitimate credentials from employees, customers, suppliers or contractors and exploit network access in ways that are difficult to predict, insider threat is likely to be the most significant and potentially damaging risk in 2016. Industry reports have also revealed a surge in cyber espionage across Southeast Asia in the first half of 2015, as the region becomes a larger economic player on the global stage.
"The US Office of Personnel Management hack in June and the recently reported VTech hack are sharp reminders that attackers are having an impact on trusted organisations at scales almost unimaginable. These incidents have shown us yet again that once perimeter defences have failed, many organisations remain blind to in-progress attacks for long periods of time, until the business and reputational damage becomes impossible to contain," said Aurora.
"We have also observed breaches within organisations that have gone unnoticed for up to 200 days, before the vulnerability was brought to light. On that note, companies need to accept the new reality - the threat is, by default, inside organisations, and must be kept in check by continual monitoring and advanced detection," added Aurora.
Sign up for CIO Asia eNewsletters.