Statistics show the region has some of the highest number of major cybersecurity incidents amid the continuing need to curb the spread of COVID-19.

As the region battles against new variants of the COVID-19 virus, companies in the region are shifting back to work-from-home arrangements at different levels to curb the spread of the virus. 

Alongside mounting pressures to ensure business continuity, many organizations are grappling with the challenging task of ramping up their protection to guard against the growing risk of cyber-threats in a more distributed work environment across multiple networks in a digital-first world.

A recent study of cybersecurity incidents by Cisco found that the top 3 markets in the world with the highest percentage of major cybersecurity incidents are Thailand, China and India, with Vietnam and Australia coming in fifth and sixth.

CybersecAsia discussed these challenges and statistics with Kerry Singleton, Managing Director, Cybersecurity, Cisco Asia Pacific, Japan and China:

Kerry Singleton, Managing Director, Cybersecurity, Cisco APJ and China

According to a new 2021 Cisco study of cybersecurity incidents, 5 out of the top 6 markets with the highest percentage of organizations reporting a major cybersecurity incident in the last two years were from Asia. Why do you think this is so?

Singleton: The transition to remote work environment in the wake of the pandemic serves as a key reason for this. This shift upended the security architecture of many organizations because a significant proportion of endpoints suddenly transitioned to outside the corporate network perimeter.

Our 2020 Duo Trusted Access Report also revealed that APAC relied more on remote access technologies for a longer time as work from home arrangements continued. The region saw the highest increase in remote access technology (68%) use as compared to western markets like United States (51%) and the European Union (34%).

Accelerated digital transformation and increased adoption of cloud technologies amid remote work present a myriad of new challenges for organizations in the region. An increased digital footprint means that organizations face a growing attack surface and a dynamic threat landscape with adversaries carrying out more sophisticated and relentless attacks. As malicious actors continue to exploit vulnerabilities and come up with innovative new tactics to cover their tracks, businesses need to invest in a robust cybersecurity infrastructure.

Moreover, companies’ cybersecurity preparedness levels also play a role in the rise of cyber incidents. According to Cisco’s Future of Secure Remote Work Report, around half (54%) of APAC organizations shared that they were only somewhat prepared to support the sudden transition to a remote workforce. Notably, seven percent of APAC respondents said they were not prepared for this transition. This stands at just one percent less compared to the global and western numbers.

In the hybrid future of work where employees expect to work from anywhere and on any device, security needs to be the foundation behind the success of any digitalization effort. Only then, will organizations be able to effectively secure a distributed workforce amid an evolving digital landscape.

From February to June last year, APAC saw the highest increase (68%) in remote access technology use as compared to other regions. What are some key cybersecurity threats and challenges coming out of this trend?

Singleton: One emerging trend we’ve noticed since the outbreak is that hybrid workplaces are here to stay. According to Cisco’s Future of Secure Remote Work Report, one-third of APAC organizations said they expect more than half of their workforce to continue working remotely post-pandemic, compared with just 19% before the pandemic. The same report also revealed that APAC organizations encountered the highest jump in cyber threat alerts globally – 69% of organizations encountered a 25% or more jump in cyber threats or alerts since the start of COVID-19. This is concerning, especially as a distributed work environment is here to stay.

The top cybersecurity challenge faced by APAC organizations when supporting remote workers is secure access (63%), defined as the ability to verify and establish trust no matter how or where users log in. With employees connecting remotely, it has become more crucial than ever to adopt a flexible yet holistic cybersecurity posture that protects users from the network, to the endpoint, to the cloud. Other key cybersecurity challenges they faced include data privacy (59%), maintaining control and enforcement policies (53%), and implementing multi-factor authentication (59%).

In terms of cyber threats, ransomware is undoubtedly one of the biggest threats globally and regionally. Globally, it is the second most common threat observed at the endpoint. Phishing attacks and other scams that take advantage of people’s fears during a crisis also continue to be on the rise as our personal and professional lives converge online. These could be impersonators on-the-phone pretending to be the help desk, trying to fix an IT problem in an effort to gain control of a target’s computer, as well as phone scams. Cisco Umbrella found phishing treats jumped 40% between 2019 and 2020, driven partly by pandemic themes.

Over the past year, malicious attackers have increasingly adopted new, innovative strategies to maximize the effectiveness of their attacks and force organizations to give in to their ransom demands. An approach known as “big game hunting”, which refers to a sophisticated large-scale attack that targets larger companies and extorts larger ransoms, has gained popularity in recent months. In fact, in 2020, it was one of the biggest threats many organizations faced, with cases of successful attacks publicized weekly.