Malaysia Braces Against Treacherous Cybersecurity Threats

Fortinet® has unveiled insights from an IDC survey on the state of Security Operations (SecOps) in Asia-Pacific, with a particular focus on Malaysia.

The survey emphasised the critical role of Artificial Intelligence (AI) and automation in tackling prevalent cybersecurity challenges.

Key findings shed light on various aspects, including common cyber threats, the surge in ransomware incidents, insider threats due to remote work, and the impact of emerging technologies on security.

Current Security Challenges: Threats and Team Readiness

  1. Phishing Dominates Concerns: Phishing is the primary cyber threat in Malaysia, ranking as the top concern for 54% of organizations. Other major threats include ransomware, unpatched vulnerabilities, identity theft, and IoT-based attacks.
  2. Ransomware on the Rise: Ransomware incidents have doubled, with over 50% of organizations reporting a 2X increase in 2023 compared to 2022. Insider threats and inadequate training contribute to the surge.
  3. Remote Work Challenges: Remote work has led to an 88% increase in insider threat incidents. Insufficient training, lack of employee care, and inadequate communication are contributing factors.
  4. Resource Constraints: Only 38% of businesses have dedicated IT resources for security teams, posing challenges for organizations in strengthening security measures.
  5. Impact of Emerging Technologies: Hybrid work, AI, and IT/OT system convergence present significant challenges. Cloud technology adoption emerges as a primary hurdle, impacting organizational vulnerability to cyber threats.

SecOps Struggles: Alert Fatigue and Threat Containment

  1. Concerns About Threat Containment: 48% of organizations express concerns about being underequipped for threat containment, emphasizing the need to enhance cybersecurity capabilities.
  2. Alert Fatigue: More than 50% of enterprises face an average of 221 incidents per day, leading to alert fatigue. Top alerts include suspicious emails (phishing) and malware or virus detections.
  3. Workload and Time Constraints: On average, one SecOps professional manages about 47 alerts daily, allowing just over 10 minutes per alert within an 8-hour workday. This underscores the necessity for efficient processes, automation, and prioritization.
  4. False Positives and Response Time: 62% of respondents note that at least 25% of the alerts they receive are false positives. 92% of teams take more than 15 minutes to validate an alert, emphasizing the need for automation.
  5. Skills Development Challenge: 98% find it challenging to keep their team’s skills updated. The ability to automate is prioritized as a key skill for Security Operations Centre (SOC) teams.

Automation in SecOps: Current Adoption and Future Possibilities

  1. High Adoption and Productivity Gains: 92% of organizations have embraced automation tools, with 89% experiencing significant productivity gains, including a 25% improvement in incident detection times.
  2. Future Plans for Optimization: All organizations in Malaysia express their intent to implement automation and orchestration tools within the next 12 months. Focus areas include response triage, incident containment, and minimizing recovery time.

Beyond Threats: SecOps Preparedness and Future Priorities

  1. Faster Threat Detection and Holistic Automation: Organizations prioritize faster threat detection (100%) and holistic automation to maximize visibility, automated responses, and threat intelligence (50%).
  2. Future Security Operations Priorities: Top priorities for the next 12 months include boosting network and endpoint security, empowering staff cyber awareness, elevating threat hunting and response, updating critical systems, and performing security audits.

The survey highlights the need for a proactive approach in cybersecurity, leveraging AI, automation, and strategic planning to address the dynamic threat landscape.

Organisations are focusing on enhancing detection and response times, optimising automation processes, and prioritising comprehensive cybersecurity measures.

Simon Piff, Research Vice-President, IDC Asia-Pacific: “The integration of AI-assisted tools, reassessment of staffing, potential outsourcing, and increased automation emerge as imperative facets highlighted by the survey, emphasizing the urgency for organizations to embrace automation strategically.”

Rashish Pandey, VP Marketing & Communications, Asia and ANZ, Fortinet: “Fortinet’s Security Operations Solutions, underpinned by advanced AI, not only address the pressing need for automation but provide a comprehensive strategy for incident detection and response.”

Dickson Woo, Country Manager, Fortinet Malaysia: “Automation, in this context, emerges as the linchpin in navigating the challenges of today’s dynamic threat landscape.”
