Median 'dwell' time for cyber intrusion highest in APAC at 172 days: FireEye

The time between an attacker compromising a secured network and the breach being detected is the highest in the APAC region, with the median 'dwell' time 73 days above the global median of 99 days.
Written by Asha Barbaschow, Contributor

Organisations in the Asia Pacific region are lagging behind their global counterparts when it comes to cybersecurity, with a report from FireEye revealing the median dwell time before an intrusion is detected in the region is 172 days.

According to Cyber Evolution: En Route to Strengthening Resilience in Asia-Pacific, the median number of days between network intrusion and the detection of the threat actor on a global scale is 99 days.

By comparison, Europe, the Middle East, and Africa have a median dwell time of 106 days, while the Americas boast the same median as the global figure.

According to the report, countries in APAC have generally fared "relatively badly" in dealing with cybersecurity disruptions due to lower cyber awareness levels. Having many legacy systems in place, as well as a lack of necessity to upgrade systems or even better protect them has resulted in complacency, FireEye said, noting this is partly due to there being no single, standardised cybersecurity protocol or notification requirements for businesses to adhere to.

It is also due to a basic lack of investment in appropriate cybersecurity measures that FireEye said results in APAC having the highest dwell times.

Citing the global Marsh/Microsoft Global Cyber Risk Perception Survey 2017 that was administered between July and August 2017, FireEye said cyber attacks with financial motivations were perceived as the top cyber threats for 39 percent of international corporations across industry sectors in APAC.

Companies operating in APAC are also concerned about insider threats on the whole, FireEye said, highlighting 54 percent of respondents ranked employees or contractors with malicious intent, human error, third-parties with access to the network systems, and operational errors as the next biggest threats.

Read also: 10 things in cybersecurity that you might have missed in 2017

31 percent of FireEye's clients that were targeted in cyber attacks hailed from the financial services industry, while the energy and utilities sector accounted for the second highest with 10 percent, and telecommunications was a close third claiming 9 percent of FireEye's total investigations.

"Cyber crime is the greatest threat to the financial services industry," the report says.

Cyber espionage is another significant threat to the industry, FireEye said, with financial services witnessing attackers using a higher-than-average number of watering holes -- such as compromised third-party websites trusted by members of the finance industry -- to deliver malware and profile targets while appearing to deliver legitimate traffic.

Meanwhile, FireEye has labelled Advanced Persistent Threat (APT) groups that will likely attempt to steal IP to improve their state's domestic infrastructure, or provide an advantage in negotiations with foreign companies as the biggest threat-type facing the energy and utilities sector.

"Across APAC, the three most-investigated industries -- financial, energy and utilities, and telecommunications -- exemplify the urgent need for higher awareness levels, stronger mitigation measures, and improved cybersecurity postures," the report says.

"While cyber is perceived as a top risk across APAC, this perception is inconsistent with the region's level of preparedness."


APAC firms see clueless employees as biggest security threat

Almost half of companies across five Asia-Pacific markets view employees' lack of cybersecurity awareness as the biggest threat, with 67 percent describing internal threat as a risk the organisation.

APAC firms confident of security measures despite breaches: Fortinet

48 percent of IT decision makers at APAC organisations are confident of their security measures, despite 86 percent of those organisations having been victim of a breach, Fortinet's enterprise security survey has revealed.

Only US tops Australia in Asia-Pacific cyber maturity: ASPI

The region's preparedness to ward off cyber attacks and fight cybercrime is growing, but so are the threats, according to a new report from one of Australia's leading think tanks.

Most APAC firms have suffered breach, but security still not priority at board level

Some 86 percent of Asia-Pacific businesses have experienced a cybersecurity breach in the last two years, but just 44 percent believe security still is not a top discussion point for their board members.

5 ways to build your company's defense against a data breach before it happens (TechRepublic)

Data breaches can be chaotic and stressful episodes. Learn the most effective actions you can take to help plan for these turbulent events.

8 steps to take within 48 hours of a data breach (TechRepublic)

A slow response to a data breach can mean even bigger problems for a company. Here are eight quick actions to take as soon as you find out your business has been hacked.

Editorial standards