3. Machine-learning Key to Businesses' Pursuit of Proactive Cyber Security
According to Gartner, information security has become a priority for businesses, with worldwide spending on information security projected to reach US$76.9 billion by the end of 2015. The research firm highlighted the emergence of new technologies, which provide contextual information and security intelligence, as key to improving organisations' understanding of today's evolving internal and external threats. Due to talent shortages, more than half of APAC organisations are seeking data-driven security capabilities to plug the gap.
"Whether we're talking about startups, SMEs, MNCs or public sector organisations, the importance of digital information - as well as the need for pragmatic knowledge in securing systems and data - remain consistent. Across the board, we're seeing a high incidence of threat actors unlawfully claiming and using intellectual property. These threat actors, who are also targeting young and innovative companies, could very well walk away with entire businesses. Cyber threats are not just an expensive annoyance, but can deal devastating blows to creative concepts and competitive positions," said Aurora.
"In 2015, the capability of machines to provide a full view of and automatically learn what is normal and abnormal within a network, as well as identify in-progress cyber-attacks, has been an important innovation for the cyber defence sector, especially when it becomes humanly impossible to keep up with every component within an organisation's expanding network. In 2016, companies that aim to be successful in proactive cyber security will need to embrace this model of 'immune system' technology, which continually looks out for network abnormalities and alerts the security team in real-time, before serious damage is done."
4. Security Professionals Must Become More Conversant with Business Risks
Regionally, cyber attacks are estimated to have cost APAC businesses US$81 billion in the past 12 months. To safeguard revenue, reputation and intellectual property, the issue of cyber security has become a common topic during boardroom discussions, with policies being constantly developed to address ongoing cyber threats. 45 percent of boards now participate in the formulation of security strategy, with that number set to increase in 2016.
"In 2015, we saw countries like Singapore and New Zealand introduce cyber security toolkits for SMEs - this is a good step in educating employees beyond the IT department on the sophistication and seriousness of today's threats. In 2016, cyber security will move further toward the boardroom as a corporate issue and become a continual process of risk mitigation, rather than a problem left for the IT department to independently resolve. As a result, security professionals must become more conversant with business risks and business objectives, rather than remain as narrow and deep technological experts," concluded Aurora.
Sign up for CIO Asia eNewsletters.