Extended cyber detection and response facing implementation challenges in APAC

The lack of implementation expertise, in-house staff resources, and recognition of cyberthreats by organisation leaders are the main reasons for the lack of certain cyber solutions, according to a Trellix survey.
Written by Campbell Kwan, Contributor

Three out of four government agencies and critical infrastructure entities in the Asia-Pacific region have flagged extended detection and response (EDR-XDR) solutions as being the most difficult to implement for bolstering cyberdefence efforts, according to a Trellix cybersecurity survey.

The findings arise after cybersecurity firm Trellix surveyed 200 IT security professionals from Indian, Australian, and Japanese government agencies and critical infrastructure providers that have 500 or more employees.

The survey comes as government agencies and critical infrastructure entities in the region face an increasing number of cyber attacks, Trellix said.

Last month, IBM said the Asia-Pacific was the most targeted region last year, accounting for one in four cybersecurity attacks launched worldwide. In that region, Australia, India, and Japan experienced the most incidents.

Among Australian and Indian respondents, 76% and 77%, respectively, identified EDR-XDR solutions as the most difficult for organisations to implement. Meanwhile, 71% of Japanese respondents said the same.

The root of this difficulty differed between the countries, however, with 60% of Indian respondents identifying a lack of implementation expertise as the biggest barrier to implementing new cybersecurity solutions. Almost half of Australian respondents said a lack of in-house staff resources was the biggest barrier to implementing new cybersecurity solutions. Japanese respondents flagged a lack of implementation expertise and a lack of recognition from leadership of the need to invest as the top barriers.

Due to the rising number of cyberthreats, organisations also told Trellix that the task of uplifting software supply chain risk management policies and processes was "extremely or highly difficult".

74% of surveyed Japanese respondents said this was the case, while 65% and 63% of Indian and Australian respondents, respectively, echoed the same sentiment.

79% of Australian respondents, 82% of Indian respondents, and 66% of Japanese respondents also voiced concerns that there has historically been little oversight over how and where cybersecurity products are developed.

In terms of what the surveyed organisations believed would be most beneficial for upping cybersecurity standards across the Asia-Pacific region, 86% flagged government prescribing higher cybersecurity standards as one of the core solutions.

"The software supply chain attacks on SolarWinds and Microsoft focused global attention on the seriousness of software supply chain cyber threats and how complicated it is to protect against them. They also realise that their governments can play a significant role in improving their cyber defenses," Trellix said.

Another new survey, this one performed by BDO, revealed that organisations in Australia and New Zealand are making fewer ransomware payments but have also seen other adverse impacts grow. For instance, the number of security incidents involving data recovery efforts rose by nearly 160%, accompanied by a 5% increase in reportable data breaches.

"Respondents are realising it's important to look at cyber security incidents as more than just ransoms paid. Industry professionals have noticed that although the number of ransoms being paid is decreasing, the targeting of larger organisations or 'big game hunting' of ransoms is maturing," BDO said.

According to BDO, the increase in data recovery exercises correlates with respondent data that indicated a 175% year-on-year increase of emails being the source of respondent data breaches. BDO said this uptick is another instance of remote work introducing a range of new systems and issues, such as document sharing and distribution.

Cyber attacks are also becoming more advanced, requiring significantly more time to recover from, respondents told BDO. Compared to 2020, the number of cyber attacks in 2021 causing multiple days of system downtime increased by nearly 215%.

Amidst this growing landscape, the Australian and Japanese governments have added more resources to protect against threats. Last year, Japan's Ministry of Defense announced plans to bolster its cybersecurity unit by bringing on 800 new cyber staff to help defend against increasingly sophisticated attacks. In Australia, the federal government pledged to create 1,900 new government jobs over the next five years for one of its cyber agencies, although some experts have expressed concern that those jobs may not be filled due to the country's tech skills shortage.
