BUSINESS TECH | Nearly half of cyber threat alerts not addressed by PH companies
MANILA, PHILIPPINES — Companies in the Philippines do not address nearly half of the legitimate cyber threat alerts they receive, according to the Cisco 2018 Asia Pacific Security Capabilities Benchmark Study, released recently.
Among those surveyed, 42 percent say they receive more than 5,000 alerts each day. While companies in the Philippines rank the lowest in Southeast Asia among those receiving more than 5,000 alerts per day, the real challenge lies in what comes after an alert is received, and how many are actually investigated.
The study shows that on average just 50 percent of the alerts received are investigated by companies in the Philippines. Of those investigated, on average, only 30 percent turn out to be legitimate, of which only 51 percent are acted upon and corrected. This suggests that more work is needed to help companies and security professionals in the Philippines tackle the rapidly evolving cyber threat landscape.
The results of the study highlight the scale of the challenge faced by the companies, with 79 percent of respondents saying their organization has suffered a breach in the past year.
Cyberattacks are also having a significant financial impact. Among those who suffered an attack in the past twelve months, 35 percent say it cost them US$500,000 or more, while 25 percent say the cost was US$1 million or more. This includes costs such as lost revenue, loss of customers, and out-of-pocket expenses.
“In the Philippines, digital transformation has been a favourite theme for consumers, businesses, and the government,” said Karrie Ilagan, newly-appointed managing director for the Philippines at Cisco. “While we have seen many benefits from digital innovation and adoption, it is important to ensure that we have the right infrastructure, processes, and technologies in place that continue to enable and empower digital growth. The ability to tackle the cybersecurity threat is critical on that front.”
“All stakeholders need to work together in a coordinated manner to achieve this,” said Ilagan. “Businesses need to raise awareness about the issue, have proper processes in place and deploy the right technologies to help identify, block or address any attacks. We need strict regulations that deter malicious actors from taking the risk of launching such attacks. Finally, we need to develop local cybersecurity talent so we have the manpower to support the country’s digital drive in a sustainable manner.”
Cyberattacks are starting to evolve from targeting only IT infrastructure to attacking operational infrastructure, intensifying the challenge for companies. According to the survey, 19 percent of respondents say they have already seen cyberattacks on their operational infrastructure, and 35 percent say they expect to face similar attacks within the next year.
Given the growing scale of cyber threats, respondents say they expect scrutiny of their security policies to increase over the next year from all stakeholders, especially their customers, who are keen to ensure their data is protected. Among those surveyed, 76 percent say they expect increased scrutiny from customers. Privacy concerns are also delaying sales for the companies, with 66 percent of respondents saying such concerns are adding time to the sales cycle.
“When it comes to cyber security, it is no longer a case of a company needing to protect just its own IT infrastructure,” said Stephen Dane, managing director of Security for Asia-Pacific, Japan and China at Cisco. “Today, business partners, customers, and employees expect a company to keep their data secure. With stringent regulations like the European Union’s General Data Protection Regulation (GDPR) coming into force, the pressure on companies to have the right policies, technology and resources in place will only increase. Those who lag behind run the risk of not only facing high financial penalties, but also losing the trust of customers.”
The use of multiple vendors and products is making the challenge more complex. The study shows that 39 percent of surveyed organizations work with more than 10 security vendors, while 41 percent use more than 10 security products or solutions. This creates complexity and increases vulnerability, as having different security products can lengthen the time to identify and contain a breach. The study highlights that companies are already facing this issue, with 97 percent of respondents saying they find it challenging to orchestrate multiple vendor alerts.
To put this in context, it is estimated that a cyber security breach within a large enterprise that is detected almost instantly costs the business US$433,000. If detection is delayed by more than a week, this figure triples to an average of US$1,204,000.
Key recommendations: Based on the findings of the survey, the study has made a series of recommendations that will provide companies with more actionable visibility into the threat landscape, reduce their exposure and improve their security posture. The report states that companies should consider: adopting next-generation endpoint process monitoring tools; accessing timely, accurate threat intelligence data and processes that allow for data to be incorporated into security monitoring and eventing; implementing first-line-of-defence tools that can scale, like cloud security platforms; employing network segmentation to help reduce outbreak exposures; and reviewing and practicing security response procedures regularly.