What Asia Pacific organizations should look out for in 2023 to stay ahead and secure in their digital transformation journeys
From conducting day-to-day operations to planning future strategies, data has become the currency of an intelligent enterprise. As the value and business-criticality of data increase, the challenges of protecting it are becoming tougher than ever. When we talk of cyber protection, we need to address data security and cyber security together.
The task of mounting an effective cybersecurity strategy is made ever more complex by the fact that organizations today are now enthusiastically embracing hybrid IT models. They are creating, storing and processing data not only in on-premises data centers, but also in the cloud and at the edge – in smart factories, in advanced medical imaging clinics, and across vast networks of employees working remotely.
As organizations across Asia Pacific (APAC) continue their digital transformation journeys in 2023, it is critical to stay ahead of the curve and look out for key emerging technology innovations and trends in cybersecurity to prevent and mitigate potential security risks.
-
Artificial Intelligence (AI)
Over the next couple of years, APAC will continue to invest in AI solutions to facilitate innovation across all levels and areas of business. IDC predicts that APAC spending on AI systems will rise from US$17.6 billion in 2022 to around US$32 billion in 2025.
Enabling a quicker response time towards breaches, AI is playing a critical role in advancing cybersecurity solutions at least in part by making it possible for enterprises to take a more proactive approach to protecting their systems.
AI has demonstrated high efficiency in securing cloud services, on-premises infrastructure, and detecting atypical user behavior. The financial services industry is especially keen to leverage AI for cybersecurity.
IDC estimates that in APAC, banking will invest more in AI than any other sector over the next five years, as experts increasingly look to AI solutions for augmented threat intelligence and fraud analysis applications. As we further discover the future of automation, enterprises will likely prioritise the use of AI to support security initiatives and fuel continued business growth.
-
Blockchain/Distributed Ledger
The banking and financial services sector in Asia Pacific will ramp up investment in blockchain and distributed ledger capabilities. In a survey conducted by EY among financial institutions in APAC, blockchain is expected to be the top investment over the next two years.
Blockchain and distributed ledger technologies offer a tamper-proof record of all transactions, enabling efficiency and transparency, optimising operations much beyond what the current ecosystem of centralized database management and paper-driven bills could possibly achieve. It allows enterprises to choose the level of security required for all the data, or for specific cases, making it easier to implement strong technical security measures such as encryption, automation, access control, orchestration, and endpoint security to manage risk effectively.
-
Zero Trust
From an intriguing idea and catchword, Zero Trust has quickly made its way to a critical business imperative. The Zero Trust model requires every device, user, or network segment to be treated as a potential threat. Hence, organizations must take measures to allow continuous verification to offer regular assurance that the systems and their components are operating appropriately.
According to a recent State of Zero Trust Security in Asia Pacific 2022 report, almost half (49%) of APAC organisations have a Zero Trust Strategy in place. Of those that have not adopted a Zero Trust strategy, 38% said they plan to do so over the next six to twelve months. Other recent survey findings have found that Zero Trust will continue to be a key cybersecurity priority for businesses in APAC for the next 12 to 18 months.
-
Ransomware
Ransomware will remain a major security threat to organisations in APAC, as threat actors continue to use malware, phishing and malicious emails to extract data and hold organizations hostage. As the global and regional security threat evolve, criminals are resorting to increasingly sophisticated tactics to attack organizational data and cause significant damage to businesses.
In 2021, 78% of organizations in APAC were hit by ransomware attacks that impacted their IT or operational technology (OT)/Industrial Control System environments, or both, with 51% of them paying the ransom. In 2023, we will be seeing organizations reassessing their approach to cybersecurity and employing a holistic security strategy to keep pace with the ever-advancing security threats.
According to a Ransomware Protection Market Research, APAC is forecast to exhibit the highest growth globally in the ransomware protection market from 2022 to 2031, demonstrating the region’s aggressive investment in security solutions against ransomware attacks.
-
Internet of Things (IoT)
APAC will continue to see high growth in IoT spending across the region, calling for the need for more security regulations and measures to mitigate the security risks inherent in IoT devices. IoT devices represent the growing number of electronics that are not traditional computing devices, but interact externally to send data, receive instructions, or both.
They can help business leaders strategize and achieve business goals by suggesting how to utilize resources optimally, analyze if they need to find new and better methods to operate, and even offer more efficient ways to manage their IT infrastructure.
In APAC, the IoT market is expanding, with analysts expecting IoT spending in the region to reach US$437 billion in 2025, driven by the rise of remote working, an increased focus in building smart infrastructures as well as the emergence of new technologies in healthcare and other industries. Since IoT devices are often mass-produced with lack of innate security, it’s difficult to make them secure with traditional security controls and practices.
To mitigate the inherent security vulnerabilities of IoT devices, governments across Asia Pacific have started to set IoT security regulations, including Singapore’s “Guidelines for IoT security for smart nation” and IoT Cyber Security Guide.
-
Critical infrastructure and Industrial Control Systems (ICS)
In 2023, organizations in APAC will place increased priority on securing Industrial Control Systems (ICSs) to protect critical infrastructures. ICSs are designed to operate and support critical infrastructure and are used heavily in industrial areas such as energy and utilities, oil and gas, pharmaceutical and chemical production, food and beverage, and manufacturing.
In APAC, ICSs are being increasingly targeted by security threats as more and more devices are connected and IT/OT boundaries become blurred, putting the safety of critical infrastructures at risk. In response to the increasing cybersecurity risks on critical infrastructure, organisations in APAC will increase their investment in security solutions for ICSs.
A recent forecast report predicts APAC to register the highest CAGR globally due to increasing technological advancements, growing awareness regarding ICS security systems among small and medium-sized enterprises, rapidly growing industrial organizations, and increasing investment in Industry 4.0.