Fears of cyber threats delaying digital transformation

Fears of cyber threats delaying digital transformation: Microsoft study

Microsoft and Frost & Sullivan Study reveals that:
• Digital transformation has been delayed due to fears of cyber-risks
• Organisations can respond to just 56% of all security alerts on any given day, owing to capacity restraints
• Cybersecurity attacks have led to job losses in half (50%) of organisations surveyed over the last year

AUCKLAND, 19 JULY 2018 – A Frost & Sullivan study commissioned by Microsoft reveals that New Zealand organisations are currently ill-equipped to meet the challenge of rising cyber threats, and greater investment in cloud, AI and other cybersecurity tools as well as a focus on training new cyber security experts, are required to prepare us for digital transformation.

The study, titled “Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World”, aims to provide business and IT decision makers with insights on the economic cost of cybersecurity breaches in the region and identify the gaps in organisations’ cybersecurity strategies.

The study reveals that more than half of the organisations surveyed in New Zealand have either experienced a cybersecurity incident (36%) or are not sure if they had one as they have not performed proper forensics or data breach assessment (16%).

However, cybersecurity attacks resulted in job losses in half (50%) of the organisations that have experienced an incident over the last 12 months.

“As companies embrace the opportunities presented by cloud and mobile computing to connect with customers and optimize operations, they take on new risks,” says Russell Craig, National Technology Officer, Microsoft New Zealand

“With traditional IT boundaries disappearing the adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation—as has been made all too clear by recent high-profile breaches.”

In addition to financial losses, cybersecurity incidents are also undermining New Zealand organisations’ ability to capture future opportunities in today’s digital economy, with 43% of respondents stating that their enterprise has put off digital transformation efforts due to the fear of cyber-risks.

Besides external threats, the research also revealed key gaps in organisations’ cybersecurity approach, including treating security as an afterthought and using an unnecessarily complex array of security solutions. Despite encountering a cyberattack, only 19% of organisations consider cybersecurity before the start of a digital transformation project. This limits their ability to conceptualise and deliver a “secure-by-design” project, potentially leading to insecure products going out into the market.

Meanwhile, having a large number of security solutions does not equate to a safer enterprise. Organisationswith more security solutions (between 26-50) encountered almost the same occurrence of security incidents (33%), compared to organisations with less than 10 solutions (37%). It’s best to reduce the number of tools and complexity of operations so operators can become more proficient with the tools they have.

Encouragingly, the study does reveal that almost two out of three (65%) organisations in New Zealand have either adopted or are looking to adopt an AI approach towards boosting cybersecurity. AI’s ability to rapidly analyse and respond to unprecedented quantities of data is becoming indispensable in a world where cyberattacks’ frequency, scale and sophistication continue to increase. At present just 56% of security alerts can be addressed on any given day, according to the study.

An AI-driven cybersecurity architecture will also grant companies with the capabilities to accomplish tasks, such as identifying cyberattacks, removal of persistent threats and fixing bugs, faster than any human could, making it an increasingly vital element of any organisation’s cybersecurity strategy.

“Utilising AI-enabled security tools can significantly reduce risk,” says Russell Craig. “Ever more advanced tools scan incoming mail for threats and filter these out before they even reach our inboxes. Of course, it’s impossible to entirely prevent malicious hacking, human error or other sources of cyber risk, but the effectiveness of these tools continually improves, thanks to the vast scale of cyber threat data that can be gathered via the public cloud and translated into insights using data analytics.”

Key recommendations from the study include:

• Continue to invest in strengthening your security fundamentals: Over 90% of cyber incidents can be averted by maintaining the most basic best practices. Maintain strong passwords, use multi-factor authentication and keep device operating systems, software and anti-malware protection up-to-date;

• Assessment, review and continuous compliance: Assessments and reviews should be conducted regularly to test for potential gaps. Keep tabs on not just compliance to industry regulations but also how the organisation is progressing against security best practices; and

• Leverage AI and automation to increase capabilities and capacity: With security capabilities in short supply, organisations need to look to automation and AI to improve the capabilities and capacity of their security operations.

END

© Scoop Media