Three out of four government agencies and critical infrastructure entities in the Asia Pacific region have identified Extended Detection and Response (EDR-XDR) solutions as the most difficult to implement to enhance cyber defense efforts, according to the Trellix Cybersecurity Survey.
The findings emerged after cybersecurity firm Trellix surveyed 200 IT security professionals from Indian, Australian and Japanese government agencies and critical infrastructure providers with 500 or more employees.
Trilex said the survey comes amid increasingly vulnerable government agencies and critical infrastructure entities in the region to more cyber attacks.
Last month, IBM said the Asia-Pacific region was the most targeted region last year, responsible for one in four cybersecurity attacks launched worldwide. In that region, Australia, India and Japan experienced the most accidents.
Among the Australian and Indian respondents, 76% and 77% of them, respectively, identified EDR-XDR solutions as the most difficult for organizations to implement. Meanwhile, 71% of Japanese respondents said the same thing.
The roots of this difficulty varied between countries, however, 60% of Indian respondents identified a lack of implementation experience as the biggest barrier to implementing new cybersecurity solutions. For nearly half of Australian respondents, they said the lack of internal staff resources was the biggest barrier to implementing new cybersecurity solutions. Japanese participants cited a lack of implementation experience and leadership’s lack of recognition of the need for investment as the biggest obstacles.
Given the increasing number of cyber threats, organizations also told Trellix that the task of scaling up software supply chain risk management policies and processes was “extremely difficult or very challenging.”
74% of Japanese respondents surveyed said this was the case, while 65% and 63% of Indian and Australian respondents, respectively, expressed the same sentiment.
79% of Australian respondents, 82% of Indians, and 66% of Japanese also expressed concerns that there has been historically little oversight over how and where cybersecurity products are developed.
In terms of what organizations surveyed believe would be most beneficial for raising cyber security standards across the Asia Pacific region, 86% of the government cited imposing higher cybersecurity standards as one of the primary solutions.
“Software supply chain attacks on SolarWinds and Microsoft have focused global attention on the severity of cyber threats to the software supply chain and the complexity of protecting against them. They also recognize that their governments can play an important role in improving their cyber defenses,” Trilex said.
Another new survey, conducted by BDO, revealed that organizations in Australia and New Zealand make lower payments than ransomware but have also seen a growth in other negative effects. For example, the number of security incidents involving data recovery efforts saw a rise of nearly 160%, with a 5% increase in reported data breaches.
“Respondents recognize that it is important to view cybersecurity incidents as more than just paying a ransom. Industry professionals note that although the number of ransoms being paid is decreasing, targeting of large organizations or ‘big ransomware’ is maturing, BDO said.
According to the BDO, the increase in data recovery exercises correlates with respondent data that cited a 175% year-over-year increase in emails as a source of respondent data breaches. BDO said the surge is yet another example of remote work that introduces a host of new systems and issues, such as document sharing and distribution.
And cyberattacks are also becoming more advanced, requiring much longer to recover from, survey respondents told BDO. Compared to 2020, the number of cyberattacks in 2021 that caused system downtime for several days increased by about 215%.
Amid this growing landscape, the Australian and Japanese governments have added more resources to guard against threats. Last year, Japan’s Defense Ministry announced plans to boost its cybersecurity unit by hiring 800 new cyber employees to help defend against increasingly sophisticated attacks. In Australia, the federal government has pledged to create 1,900 new government jobs over the next five years for one of its electronic agencies, although some experts have expressed concern that these jobs may not be filled due to a lack of technical skills in the country.