Is cyber resilience a priority of your organisation?
According to IDC 2022 Future Enterprise Resiliency and Spending Survey, 65% of enterprises in the Asia Pacific experienced ransomware attacks or breaches that blocked systems or data access, with 83% of compromised businesses suffering downtime and business disruptions ranging from a few days to several weeks.
The financial losses from such targeted cyberattacks cost up to US$109,000 for enterprise segment in 2022, including reputational damage as proprietary data gets leaked or sold to other malicious threat actors, Kaspersky pointed out.
The security company said it has detected more than 1 billion cyberthreats to date and 400,000 new malware samples detected daily.
In the face of a pervasive and persistent threat, the true goal for cybersecurity operations beyond detecting and stopping threats is cyber resilience, Kaspersky noted.
An IDC Analyst Brief — titled Building Cyber Resiliency in a Digital-First Era — indicated 52.6% of Asia/Pacific businesses to date are prioritising transforming their networks to better support a distributed workforce and hybrid cloud environments.
Cyber resilience: A security framework for a new digital era
A strategic framework that combines business continuity, information systems security, risk management and organisational resilience in tandem with a goal to enhance cyber-response capabilities across the board, a cyber resilience framework aims to ensure that an organisation can deliver intended outcomes and continue business operations with little or no downtime even when undergoing challenging cyber threats, Kaspersky advised.
Organisations need to align their cyber resilience strategies with both their business leaders and technologists, working closely together to ensure minimal disruption and easier recovery from evolving cybersecurity threats, though this is easier said than done, the firm added.
According to the IDC 2022 Asia/Pacific Enterprise Services and Security Sourcing Survey, 43% of businesses in the region stated that the biggest challenge to improving IT security capabilities was aligning business and security goals.
However, obstacles such as shortage of skilled IT security professionals, the implementation of fragmented IT and security platforms and the human factor in staff who do not have sufficient cybersecurity awareness training make the implementation of a working cyber resilience framework a daunting task, said Adrian Hia, Managing Director for APAC, Kaspersky.
“The growing sophistication of malware and often limited IT budgets also means that harried cybersecurity teams are outpaced with the sheer number of threat vectors,” Hia added.
How to stay ahead of cyber threats
To stay ahead of cyber threats, organisations are seeking to collaborate with trusted cybersecurity vendors, especially those with extended detection and response (XDR) capabilities that offer their services and expertise on a technological, organisational and human resources front to ensure cyber resilience initiatives remain on-track, said Kaspersky.
The implementation of XDR allows cybersecurity assets to unify data from various endpoints, leveraging artificial intelligence and machine learning (AI/ML), advanced analytics and automation to proactively detect and respond to cyberattacks more rapidly while reducing the complexity of siloed security tools that lack integration and interoperability, the firm pointed out.
By outsourcing XDR to a trusted partner, organisations are able to obtain access to the right expertise and technology to fast track cyber resilience initiatives while helping to take the workload off internal cybersecurity teams to manage tasks that fall outside the purview of a managed extended detection and response service, the firm added.