“There is a real opportunity for organisations to leverage automation to drive operational efficiency and address known security incidents, allowing operational teams to focus on higher risk threats. This has the potential to reduce staff burnout and better safeguard vital business assets,” said Paul Abfalter, Head of North Asia at Telstra.
The OMDIA survey of 250 senior technology leaders in North Asia revealed that 32% of firms have seen an increase in cyber-attacks over the past 12 months across their entire IT stack, most notably endpoints, network, and operational technology devices. In addition, 66% of those that experienced a significant increase in serious security incidents also observed a surge in serious breaches.
The research also revealed that 40% of firms lost revenue due to these attacks, whilst 38% suffered reputational damage and 34% sustained operational downtime. However, security leaders are confident that with better security automation, they could reduce nearly 50% of all serious security incidents.
The research found that only 24% of regional organisations are advanced in leveraging security automation, confirming that the rate of security automation is relatively low in North Asia, with limited use across the region.
Adam Etherington, a senior principal analyst for digital enterprise services at OMDIA, says security is becoming a growing concern and a potential constraint to digital ambitions in the region. He stressed that security automation is vital to address this challenge.
“Leveraging automation in SecOps can enrich threat telemetry, unify toolsets, and harness AI/ML advancements to better protect, detect and respond to advanced persistent threats. However, technology alone won't solve the problem,” said Adam Etherington.
“Third-party expertise is critical to address people, process and tool impacts within each firm's industry context, regulatory requirements, and corporate objectives,” he continued.
Although many organisations are investing in additional cybersecurity platforms to overcome rising incidents and breaches, this has resulted in sprawling toolsets that generate a higher volume of alerts and false positives.
The survey found that the large volume of threat alerts, alarms, tickets, and possible incidents generated by various security tools is causing issues for security professionals.
The false positives overwhelming security teams are caused by three factors: a dramatic increase in the attack surface as more operational technology (OT) devices become integrated with IT systems, lagging patch and device management across legacy technologies, and a wide variety of non-integrated toolsets.
“Security executives must continually assess their organisational cybersecurity resilience to support ongoing digital transformation, leverage the right cyber partner and unlock value from security tools. Reaching optimised automation can be a long journey,” said Paul Abfalter.
“It is important to work with experienced and trusted specialists to discover the best adoption and operational model for your organisation,” Abfalter added.