Saturday 20 Jul 2024

KUALA LUMPUR (Dec 14): Ransomware attacks have increased twofold in Malaysia, with over 50% of organisations reporting a twofold increase in 2023, according to a Fortinet survey on the state of Security Operations (SecOps) in the Asia-Pacific region conducted by International Data Corporation (IDC).

The survey, commissioned by Fortinet, a cybersecurity company that provides a range of security products and services to protect organisations from cyber threats, revealed that 54% of organisations ranked phishing as the predominant cyber threat in the country. IDC surveyed 550 information technology (IT) leaders at organisations with a headcount of 250 to 5,000 employees across Asia Pacific.

The surge in cyberattacks is closely linked to the widespread adoption of remote working in response to the Covid-19 pandemic. Additionally, the integration of advanced cybersecurity technologies like cloud services has introduced a range of new concerns regarding cyber threats.

Eighty-eight percent of the survey's participants believe that the rise of remote work has resulted in an uptick in incidents related to insider threats, one of the top five cyber threats. Lack of employee care, communication and training were the main contributors to the surge, underscoring the importance of addressing human factors in cybersecurity.

With only 38% of businesses allocating dedicated IT resources for security teams, the emerging challenge lies in the widespread adoption of cloud technology, which impacts organisational vulnerability to cyber threats.

On top of that, almost half of the surveyed organisations also expressed concerns about being under-equipped for threat containment, with three out of four citing a lack of regular risk assessments for timely threat detection.

There is a common perception that investing in advanced cybersecurity technologies alone can effectively protect an organisation. However, as more and more cyber threats evolve alongside new technologies, the challenge for SecOps teams of keeping up with alerts and identifying them accurately and in a timely manner is ever so prevalent.

Alert fatigue among enterprises is no surprise when only one SecOps professional for every 230 employees has to deal with 47 alerts daily, and a company as a whole faces an average of almost 221 incidents per day. Two out of five enterprises are even grappling with over 500 incidents daily, facing mainly phishing and virus detection.

Moreover, the challenge of false positives has taken over 25% of alerts in 62% of enterprises. A staggering 92% of teams reported taking more than 15 minutes to validate an alert, calling for an urgent need for automation.

As 98% of respondents face the challenge of keeping up with the rapidly evolving threat landscape, 62% of them view automation as a priority for Security Operations Centre (SOC) teams. Automation will allow them to multitask and cut down on validation and remediation time for cyber threats.

“Securing modern IT infrastructures requires a continuous commitment to vigilance, proactivity, and adaptability amid challenges posed by hybrid work, AI, and cloud technologies. This dynamic shift from static controls to a risk-centric cybersecurity posture aligns seamlessly with the evolving technological landscape,” said Simon Piff, research vice-president, IDC Asia-Pacific.

Fortunately, 92% of organisations have embraced automation and orchestration tools in their SecOps. However, the survey shows that these new technologies are underutilised. One hundred percent of Malaysian organisations intend to implement automation and orchestration tools within the next 12 months, focusing on streamlining response triage, accelerating incident containment and minimising recovery time.

The pivotal role automation plays in cybersecurity is reflected in organisations' top priorities: faster threat detection, maximising visibility, automating responses and threat intelligence, and optimising the operating efficiency of existing security resources and intelligence.

“Automation plays a crucial role in promptly identifying and responding to cyber threats, minimising the window of vulnerability. The transformative reduction in our customers' experiences from an average of 21 days to just one hour for detection, driven by AI and advanced analytics, signifies a fundamental step in fortifying cybersecurity defences, where time to detect and respond is paramount. Automation, in this context, emerges as the linchpin in navigating the challenges of today’s dynamic threat landscape,” said Dickson Woo, country manager, Fortinet Malaysia.

Organisations have labelled boosting network and endpoint security, empowering staff cyber awareness, elevating threat hunting and response, updating critical systems and performing security audits as the top five priorities in SecOps investments in the next 12 months.

Beyond safeguarding organisations, it is essential to monitor external channels to identify breaches, monitor sales of compromised data, and stay informed about ongoing discussions related to cybersecurity threats.

Edited by Pathma Subramaniam