Published on November 8, 2023, 10:42 pm

Automation plays a vital role in cybersecurity, yet a recent report has revealed that only 24% of organizations in North Asia are using advanced automation for protection against cyberattacks. This statistic is surprising considering the security leaders who were surveyed expressed confidence that better security automation could reduce nearly 50% of serious security incidents.

The report, conducted by Telstra in partnership with research firm Omdia, surveyed 250 senior technology decision makers at the end of 2022 to assess the state of Security Operations (SecOps) in North Asia. The objective was to evaluate security automation maturity across different technology environments and threats.

Adam Etherington, senior principal analyst for digital enterprise services at Omdia, highlighted growing concerns over cybersecurity as a potential constraint to digital ambitions in North Asia. The survey results showed that one-third (32%) of companies in the region experienced an increase in cyberattacks across their entire IT stack over the past year, particularly on endpoints, networks, and operational technology devices. Of those organizations, 66% reported a surge in serious breaches.

These cyberattacks had significant consequences for affected firms. Forty percent experienced revenue loss, while 38% suffered reputational damage and 34% faced operational downtime. It is clear that addressing the cybersecurity challenge is vital.

According to Etherington, leveraging automation within SecOps can enhance threat telemetry, unify toolsets, and harness advancements in artificial intelligence and machine learning to better protect against advanced persistent threats. However, he cautioned against relying solely on technology for protection. Third-party expertise and support are necessary to address people-related challenges and align processes and tools with industry context, regulatory requirements, and corporate objectives.

In addition to these challenges, many organizations are investing in additional cybersecurity platforms to combat rising incidents and breaches. This has resulted in sprawling toolsets that generate a higher volume of alerts and false positives. Security professionals find it challenging to manage this large volume of threat alerts, alarms, tickets, and potential incidents.

The false positives overwhelming security teams are fueled by the increase in the attack surface as operational technology devices become integrated with IT systems. Other contributing factors include patch management delays, device management issues across legacy technologies, and a wide variety of non-integrated toolsets.

To overcome these challenges and achieve optimized automation, organizations need to continually assess their cybersecurity resilience, seek the right cyber partner, and unlock value from their security tools. This journey towards automation may be long, but it is crucial to collaborate with experienced specialists who can guide organizations in adopting the most suitable operational model.

In conclusion, while the use of advanced automation for cybersecurity is limited in North Asia, there is a real opportunity for organizations to leverage automation to drive operational efficiency and address known security incidents. By doing so, operational teams can focus on higher risk threats, reduce staff burnout, and better safeguard vital business assets. It is imperative that organizations invest in robust security measures supported by automation technologies to protect themselves from cyber threats effectively and ensure their ongoing digital transformation projects are secure.


Comments are closed.