Most breaches in the Asia Pacific region never became public, according to the findings of Mandiant's M-Trends Asia Pacific report.
Most governments and industry-governing bodies in the region lack effective breach disclosure laws.
Often unprepared to identify and respond to breaches, Asia Pacific organisations frequently lack basic response processes and plans, threat intelligence, technology and expertise.
Attackers can thus dwell in their environments for a median period of 520 days before being discovered. This is 374 days longer than the global median of 146 days.
"Unfortunately being unprepared for a breach is business as usual in Asia Pacific, and the region's governments and boards need to address this further," said Rob van der Ende, Vice President for Mandiant Consulting, Asia Pacific and Japan at FireEye (the parent company of Mandiant).
Steps to improve security posture
Organisations in the Asia Pacific region should review network ingress/egress points and use appropriate monitoring on each application service that crosses the estate boundary.
Reviewing each security logging device will establish how security risks are identified and alerted on when they occur.
Adopting a behavioural analysis detection approach with log data will help identify high-risk security threats because signature detection will only find known threats.
Once a breach has occurred, an organisation should assemble a crisis management team, fully scope the incident, avoid premature remediation and reach out for professional incident response support when required.
"To significantly improve, organisations must bring together the technology, threat intelligence and expertise necessary to quickly detect and respond to cyber-attacks," added van der Ende. "Firms can benefit by embracing modern response techniques rather than legacy approaches, which often fail to find the attacker's needle in the haystack."