Global cybersecurity leader Fortinet® has released the results of a recent survey conducted by IDC, shedding light on the current state of Security Operations (SecOps) in the Asia-Pacific region, with a particular focus on the Philippines. The survey, commissioned by Fortinet, delves into crucial aspects of cybersecurity, highlighting the pressing need for Artificial Intelligence (AI) and automation in the face of escalating threats.

“In the ever-evolving threat landscape, organizations grapple with a spectrum of cyber threats targeting their digital assets. Fortinet’s Security Operations Solutions, underpinned by advanced AI, not only address the pressing need for automation but also provide a comprehensive strategy for incident detection and response. Our commitment to empowering organizations in navigating the dynamic cybersecurity terrain is showcased through innovative solutions. These include an impressive one-hour (less in most cases) average time to detect and contain threats, an 11-minute investigation and remediation average, a staggering 597% ROI, a doubling of team productivity, and a substantial US $1.39 million reduction in expected breach costs,” according to Rashish Pandey, Vice President, Marketing & Communications, Asia and ANZ at Fortinet.

Current Security Landscape: Phishing & Ransomware at the Forefront

In the Philippines, cybersecurity challenges are pronounced, with phishing and ransomware emerging as the top concerns for over 50% of organizations surveyed. Ransomware incidents have doubled, reporting a 56% increase in 2023 compared to the previous year. Notably, phishing and malware remain primary attack vectors, alongside social engineering attacks, insider threats, and IoT vulnerabilities.

Remote Work Impact & Insider Threats Surge

The rise of remote work has contributed to an 82% increase in insider threat incidents, with respondents citing insufficient training, lack of employee care, and communication gaps as contributing factors. Shockingly, only 50% of businesses have dedicated IT resources for security teams, amplifying the challenges faced in fortifying cybersecurity measures.

Emerging Technologies Pose Challenges

Hybrid work models, AI, and the convergence of IT/OT systems present significant challenges, with cloud technology adoption emerging as a primary vulnerability. Addressing skill development within SecOps teams is crucial to navigating these challenges effectively.

Alert Fatigue & Threat Containment Struggles

The survey also highlighted the significant impact of alert fatigue on threat containment in the Philippines. Almost half of the surveyed enterprises expressed concerns about being underequipped for threat containment, with alert fatigue being a key contributing factor. Alert fatigue affects security strategies at multiple levels, hindering proactive approaches to cybersecurity. Analysts overwhelmed by alerts become reactive, focusing on immediate issues rather than engaging in proactive threat hunting or developing robust security processes. The opportunity cost of spending excessive time on alert management is evident, as it takes away from activities such as evaluating better tools, training employees, and establishing proactive security measures. In addition, the high proportion of false positives (25%) further exacerbates the issue, leading to a significant portion of analysts’ time being spent on non-relevant alerts. Ultimately, the direct impact on the organization’s security posture emphasizes the importance of freeing up human capital for more strategic and nuanced security tasks.

Automation Adoption: Untapped Potential & Productivity Gains

While 94% of organizations have embraced automation and orchestration tools, the survey indicates that the full potential of these technologies is yet to be realized. Notably, 92% of respondents have experienced significant productivity gains, with at least a 25% improvement in incident detection times attributed to automation.

Future Focus: Prioritizing Faster Threat Detection & Holistic Automation

Organizations across the Philippines express their intent to implement automation and orchestration tools within the next 12 months, focusing on areas such as response triage, incident containment, and recovery. Future priorities include boosting network and endpoint security, staff cyber awareness, threat hunting and response, critical systems updates, and security audits.

This recent survey underscores the urgency for organizations to adopt AI and automation as integral components of their cybersecurity strategies, emphasizing the need for a proactive and comprehensive approach to SecOps.


ABOUT THE AUTHOR

Robert “Bob” Reyes is a technologist, an ICT Consultant and Tech Speaker, a certified Google IT Support Specialist, and an Open Source advocate representing the global non-profit Mozilla (makers of Firefox) in the Philippines. Bob is a Technology Columnist for the Manila Bulletin Publishing Corporation and an aviation subject matter expert contributor for Spot.PH.
