Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Asia Pacific breaches hidden from public glare

Anuradha Shukla | Aug. 29, 2016
This is because organisations in the region are often unprepared to identify and respond to breaches, according to Mandiant’s M-Trends Asia Pacific report.

 Most breaches in the Asia Pacific region never became public, according to the findings of Mandiant's M-Trends Asia Pacific report.

Most governments and industry-governing bodies in the region lack effective breach disclosure laws.

Often unprepared to identify and respond to breaches, Asia Pacific organisations frequently lack basic response processes and plans, threat intelligence, technology and expertise.

Attackers can thus dwell in their environments for a median period of 520 days before getting discovered. This is 374 days higher than the global median of 146 days.

"Unfortunately being unprepared for a breach is business as usual in Asia Pacific, and the region's governments and boards need to address this further," said Rob van der Ende, Vice President for Mandiant Consulting, Asia Pacific and Japan at FireEye (the parent company of Mandiant).

Steps to improve security posture

Organisations in the Asia Pacific region should review network ingress/egress points and use appropriate monitoring on each application service that crosses the estate boundary.

Reviewing each security logging device will ascertain how security risks will be identified and alerted when they occur.

Adopting a behavioural analysis detection approach with log data will help identify high-risk security threats because signature detection will only find known threats.

Once a breach is occurred, an organisation should assemble a crisis management team, fully scope the incident, avoid premature remediation and reach out for professional incident response support when required. 

"To significantly improve, organisations must bring together the technology, threat intelligence and expertise necessary to quickly detect and respond to cyber -attacks," added van der Ende. "Firms can benefit by embracing modern response techniques rather than legacy approaches, which often fail to find the attacker's needle in the haystack."

 

Sign up for CIO Asia eNewsletters.