Cyber risk levels in Apac improve but threats loom

PETALING JAYA: Cyber risk levels in Asia Pacific (Apac) have improved from the first half to the second half of 2022, according to global cybersecurity leader Trend Micro incorporated in its latest report. However, organisations remain pessimistic about the threat landscape, with 82% anticipating successful attacks this year.

The findings come from Trend Micro’s biannual Cyber Risk Index (CRI) report, which measures the gap between respondents’ cybersecurity preparedness versus their likelihood of being attacked. In the second half of 2022, the CRI surveyed more than 3,700 CISOs, IT practitioners, and managers across North America, Europe, Latin/South America, and Apac.

In Apac, enhanced cyber preparedness is a key driver of improved cyber risk levels which has shifted from “elevated” to “moderate”.

Trend Micro Southeast Asia and India vice-president Nilesh Jain (pix) said that the pandemic had exacerbated digital usage and this had brought on more cyber attacks.

“We note that there was a 260% rise in cyber attacks during the 2021 to 2022 period. Among these attacks, ransomware, phishing and business e-mail compromise were the more popular modes of cyber attacks,” he added.

He said cyber risk management will need to be a key priority for organisations across the region.

“We’ve seen a drastic improvement in the Apac cyber risk index since the first half of 2022, with figures moving into positive territory at 0.05 from negative levels. This is a promising result as it means that organisations have stepped up to improve their cyber preparedness. It is crucial for organisations to continue this momentum by focusing on the threats that matter most to their business this year. The first step is to gain complete and continuous attack surface visibility and control in the ongoing effort to better manage cyber risks,” he added.

The trend in Malaysia echoes that of the region, with a reported decline in cyber risk from “elevated” to “moderate”, and improvement in cyber preparedness since the first half of 2022.

However, local organisations remain on guard with majority of organisations citing that they are “somewhat to very likely” to experience a breach in customer data (74%), intellectual property (68%), or successful cyberattack (74%) in the next 12 months.

Organisations in Malaysia and Apac cited ransomware, clickjacking, and crypto-mining among the top five cyber threats that they expect to experience this year.

In Apac and Malaysia, some of the primary risks are people related. Apac respondents named employees as representing three of their top five infrastructure risks. In Malaysia, negligent insiders and lack of qualified personnel comprised two of their top five infrastructure risks.

Jain also said that the banking and financial sector was most vulnerable to cyber attacks. Most cyber attacks were mounted to siphon monies or data.

One of Trend Micro’s products which has been quite successful in warding off cyber attacks was its cross detection and response product which was first launched in 2018.

“Hackers have the first mover advantage in orchestrating a cyber attack since they know everything about their potential targets, they have been utilising cloud technology for the past 10 years,” Jain explained.

He also said that Malaysians entities were generally aware of cybersecurity but many did not know what to do in the event of an attack.

The latest developments in cybersecurity were based on Artificial Intelligence.