Published on November 16, 2023, 8:18 pm

Organizations in the Asia Pacific and Japan (APJ) region are facing challenges when it comes to performing essential security operations, such as threat hunting. A recent survey conducted by Sophos revealed that 93% of the participants identified these tasks as challenging.

Among the challenges highlighted in the survey, one important issue is understanding how an attack occurred. A staggering 76% of respondents reported difficulties in identifying the root cause of cybersecurity incidents. This lack of understanding makes it harder for organizations to address and remediate attacks properly, leaving them vulnerable to repeated or multiple adversarial actions. Additionally, 71% of those surveyed stated that they struggle with timely remediation.

Another key finding from the survey is that 74% of organizations face challenges in determining which signals or alerts to investigate. This difficulty leads to inefficiencies and delays in incident response efforts. Furthermore, 71% reported difficulties in prioritizing investigations, adding complexity to their cybersecurity operations.

The survey report, “The State of Cybersecurity 2023: The Business Impact of Adversaries on Defenders,” captured insights from 3,000 IT/cybersecurity leaders across 14 countries in APJ. The study was conducted over January and February this year.

John Shier, field CTO for commercial at Sophos, emphasized the need for a timely and coordinated response to today’s cyber threats. He expressed concern over organizations being stuck in a reactive mode, which not only affects core business priorities but also takes a toll on individuals. Shier stated that cyberattacks are keeping more than half of global respondents up at night.

To address these challenges effectively, Shier suggested eliminating guesswork and applying defensive controls based on actionable intelligence. By doing so, IT teams can devote their resources to enabling business operations instead of constantly battling active attacks.

The survey also revealed other notable findings:

– Half of the participating organizations believe that cyber threats have become too advanced for them to handle alone.
– 63% of respondents expressed a desire for their IT teams to focus on strategic issues rather than firefighting incidents.
– The time spent on cyber threats has had an impact on the IT team’s ability to work on other projects, according to 55% of respondents.
– Although 94% of organizations are collaborating with external specialists to scale their cybersecurity operations, a majority still prefer to manage threats internally instead of adopting a fully outsourced approach.

Interestingly, only 20% of respondents considered vulnerabilities and remote services as top cybersecurity risks for 2023. However, Shier pointed out that Active Adversaries often exploit these areas, highlighting the importance of addressing these risks.

Shier concluded that organizations faced operational issues due to an incomplete understanding of their cybersecurity landscapes. This lack of visibility leads to actions based on incorrect information, with potentially harmful consequences. He emphasized the value of external audits and monitoring to eliminate blind spots and gain insights into an organization’s security posture.

The challenges highlighted in this survey shed light on the ongoing struggles organizations in APJ face when it comes to managing cybersecurity tasks effectively. As threats continue to evolve, it is crucial for organizations to adopt proactive approaches that prioritize threat hunting, incident response coordination, and continuous improvement of security operations.

