Photo - Albert Chai, Managing Director, Cisco Malaysia.
According to networking solutions company Cisco's new 2016 Annual Security Report, there has been a decline in defender confidence, a deeper impact from industrialised attackers as well as increasing cyber threats in Malaysia.
Speaking of the report findings, Cisco Malaysia managing director Albert Chai said that only 45 percent of organisations worldwide were now confident in their security posture as today's attackers are launching more sophisticated, bold and resilient campaigns.
"Security threats in Malaysia are still on the rise," said Chai. "Today, most organisations will need to access public cloud solutions by bypassing IT. This is a matter of concern for many Malaysian CIOs and CEOs given that it puts their organisations at substantial risk for data security and compliance challenges."
"In addition, online attackers have become bold and are adopting an integrated approach by the day, setting up complex infrastructures that are hard to detect," he said.
Chai said that while the report shows that executives may be uncertain about their security strength, 92 percent of them agree that regulators and investors will expect companies to manage cybersecurity risk exposure. These leaders are increasing measures to secure their organisations' future, particularly as they digitise their operations.
Another findings was that hackers were increasingly tapping into legitimate resources to launch effective campaigns for profit-gain. Additionally, direct attacks by cybercriminals, leveraging ransomware alone, put US$34 million a year per campaign into their hands. These miscreants continue to operate unconstrained by regulatory barriers, he said.
"This means an integrated approach is an absolute imperative for businesses in Malaysia to secure their critical infrastructure," Chai said. "Working towards a cohesive security landscape, where companies, industries, and governments like Cybersecurity Malaysia communicate and collaborate to thwart cyber criminals can prevent significant data loss. This goes across the network to the endpoint and from the cloud to every corner of operations."
Call to arms
Chai said businesses faced security challenges that challenged their ability to detect, mitigate and recover from common and professional cyberattacks. In addition, aging infrastructure and outdated organisational structure and practices are putting them at risk.
The study pointed to a global call-to-arms for greater collaboration and investment in the processes, technologies and people to protect against industrialised adversaries, he said.
Some of the key findings from the survey are reproduced below:
- Decreasing confidence, increasing transparency: Less than half of businesses surveyed were confident in their ability to determine the scope of a network compromise and to remediate damage.
- Time to detection faster: The industry estimate for time to detection of a cybercrime is an unacceptable 100 to 200 days.
- Aging infrastructure: Between 2014 and 2015, the number of organisations that said their security infrastructure was up-to-date dropped by 10 percent. The survey discovered that 92 percent of Internet devices are running known vulnerabilities. Thirty-one percent of all devices analysed are no longer supported or maintained by the vendor.
- SMBs as a potential weak link: As more enterprises look closely at their supply chain and small business partnerships, they are finding that these organisations use fewer threat defence tools and processes. For example, from 2014 to 2015 the number of SMBs that used web security dropped more than 10 percent. This indicates potential risk to enterprises due to structural weaknesses.
- Trust matters: With organisations increasingly adopting digitisation strategies for their operations, the combined volume of data, devices, sensors, and services are creating new needs for transparency, trustworthiness, and accountability for customers.
- Outsourcing on the rise: As part of a trend to address the talent shortage, enterprises of all sizes are realising the value of outsourcing services to balance their security portfolios. This includes consulting, security auditing and incident response. SMBs, which often lack resources for an effective security posture, are improving their security approach, in part, by outsourcing, which is up to 23 percent in 2015 over 14 percent the previous year.
- Shifting server activity: Online criminals have shifted to compromised servers, such as those for WordPress, to support their attacks, leveraging social media platforms for nefarious purposes. For example, the number of WordPress domains used by criminals grew 221 percent between February and October 2015.
- Browser-based data leakage: While often viewed by security teams as a low-level threat, malicious browser extensions have been a potential source of major data leaks, affecting more than 85 percent of organisations. Adware, malvertising, and even common websites or obituary columns have led to breaches for those who do not regularly update their software.
- The DNS blind spot: Nearly 92 percent of "known bad" malware was found to use DNS as a key capability. This is frequently a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently.
The Cisco 2016 Annual Security Report analyses trends and issues in cybersecurity from Cisco security experts on the advances made by both the security industry and by the criminals hoping to break through security defences.
Sign up for CIO Asia eNewsletters.