North Asian firms urged to wield security automation as incidents rise

About one-third (32%) of firms have seen an increase in cyberattacks over the past 12 months across their entire IT stack, most notably endpoints, network and operational technology devices, according to research findings from Telstra.

Meanwhile, 66% of organisations that experienced significantly increased serious security incidents also observed a surge in serious breaches.

Working with Omdia, Telstra surveyed 250 senior technology decision makers at the end of 2022, to understand the state of Security Operations (SecOps) in North Asia, assessing security automation maturity across a range of complex technology environments and threats.

Half of those surveyed were IT executives, including CIOs, CTOs and CISOs, and the rest were senior technology leaders and senior consultants. The key sectors covered were BFSI, Transport & Logistics, Retail & Wholesale, Manufacturing and Healthcare.

The purpose of the survey was to discover how organisations secure and defend their business from threats through automation, by exploring security automation maturity across the technology stack and end-to-end threat management. 

“There is a real opportunity for organisations to leverage automation to drive operational efficiency and address known security incidents, allowing operational teams to focus on higher risk threats. This has the potential to reduce staff burnout and better safeguard vital business assets,” said Paul Abfalter, head of North Asia at Telstra.

Findings show that 40% of firms lost revenue due to these attacks, while 38% suffered reputational damage and 34% sustained operational downtime. 

However, security leaders are confident that with better security automation, they could reduce nearly 50% of all serious security incidents. 

The research also found that only 24% of regional organisations are advanced in leveraging security automation, confirming that the rate of security automation is relatively low in North Asia, with limited use across the region.

Adam Etherington, senior principal analyst for Digital Enterprise Services at Omdia, said that leveraging automation in SecOps can enrich threat telemetry, unify toolsets, and harness AI/ML advancements to better protect, detect and respond to advanced persistent threats.

But Etherington said technology alone won’t solve the problem. Third-party expertise is critical to address people, process and tool impacts within each firm’s industry context, regulatory requirements, and corporate objectives.

Although many organisations are investing in additional cybersecurity platforms to overcome rising incidents and breaches, this has resulted in sprawling toolsets that generate a higher volume of alerts and false positives. 

The survey found that the large volume of threat alerts, alarms, tickets, and possible incidents generated by various security tools is causing issues for security professionals.

The false positives overwhelming security teams are caused by a dramatic increase in the attack surface as more operational technology (OT) devices become integrated with IT systems, by lagging patch and device management across legacy technologies, and by a wide variety of non-integrated toolsets.

“Security executives must continually assess their organisational cybersecurity resilience to support ongoing digital transformation, leverage the right cyber partner and unlock value from security tools. Reaching optimised automation can be a long journey,” said Abfalter.

“It is important to work with experienced and trusted specialists to discover the best adoption and operational model for your organisation,” he added.