They may sound logical, but these tips encompass whole-of-enterprise collaboration and enforcement to work well

In 2023, cybersecurity will continue to remain a huge challenge for organizations in the Asia Pacific (APAC) region. Some studies have shown that cybersecurity incidents appear to be more common in the region, with 84% of businesses surveyed having experienced more than three security incidents in the last 18 months, as compared to 61% globally.

Here are three ways that some organizations are responding to rising cyber risk, which your enterprise can emulate or improvise on, to fit individual corporate requirements:

    1. Organizations are increasingly adopting AI and ML solutions to augment identification and mitigation of cyber threats. However, cybercriminals are also taking advantage of the same technologies to launch their attacks with quick precision, speeding up the end-to-end attack life cycle from weeks to days or hours. These attacks are also expected to evolve and become highly localized, more personalized, and geo-targeted.
    2. As social engineering tactics grow in popularity and effectiveness, organizations looking to build stronger resilience are moving beyond merely reacting to cyberattacks — they are starting to adopt a proactive stance.

      In anticipating the continuous expansion of the enterprise attack surface, they ensure that the security processes and tools put in place are constantly evaluated and updated. This includes adopting a more robust zero trust framework, and incorporating app-based cybersecurity solutions that can scan employee’s work devices — a vulnerable commonplace entry point for potential attacks.
    3. In addition, business leaders are realizing the need to prioritize empowering the cybersecurity function so that it can build stronger defenses.

      Broader cybersecurity resilience could include mandating multi-factor authentication (MFA) for work process in and across business units. Training seminars can inform employees about their roles and responsibilities and understand how the latest cyber threats and social engineering tactics apply to their daily work.

Taking a step further, organizations may also want to assess employees’ levels of cyber competence and resilience through regular internal tests, to provide insights into their employees’ cyber awareness and how they can best be trained.