Global businesses have witnessed an unprecedented scale of cyberattacks in the past year making it increasingly challenging for security teams to react.
This blog posting – part 1 of 2 – provides information regarding recent cybersecurity trends and metrics, as well as perspectives from business leaders of APAC organizations. Next week we will post part 2 of this blog that will share further insights regarding AI-enabled cyber threats and general best practices recommendations.
Cyberattacks are increasing world-wide with 38% more cyberattacks per week on corporate networks in 2022 than in 2021. The following four cyber threat trends formed in 2022:
The ransomware ecosystem evolved and grew with smaller, more agile criminal groups that form to evade law enforcement.
Hackers widened their aim to target business collaboration tools such as Slack, Teams, OneDrive and Google Drive with phishing exploits, which make for a rich source of sensitive data given that most organizations’ employees continue to work remotely.
Academic institutions became a popular feeding ground for cybercriminals following the rapid digitization they undertook in response to the COVID-19 pandemic. In fact, the education/research sector was the number one most attacked industry globally, seeing a 43% increase in 2022 compared to 2021.
Healthcare organizations saw the largest increase in cyberattacks in 2022 compared to all other industries. In particular, the US suffered an increase of 86% more attacks in 2022 compared to 2021, with the healthcare sector ranking second out of all sectors attacked in the US. The healthcare sector is considered lucrative to hackers as they aim to retrieve health insurance information, medical records, and personal identification information.
Below are a few key statistics regarding recent cybersecurity related trends:
Global volume of cyberattacks reached an all-time high in Q4 with an average of 1168 weekly attacks per organization.
The top 3 most attacked industries in 2022 were Education/Research, Government and Healthcare.
North America (+52%), Latin America (+29%) and Europe (+26%) showed the largest increases in cyberattacks in 2022 compared to 2021.
The US saw a 57% increase in overall cyberattacks in 2022, the UK saw a 77% increase, and Singapore experienced a 26% increase.
Africa experienced the highest volume of attacks with 1875 weekly attacks per organization, followed by APAC with 1691 weekly attacks per organization.
APAC – Cyber Impact Assessment
As noted above, the Asia Pacific (APAC) market has been targeted by cyber criminals, and unfortunately, many companies have not yet created appropriate response plans or have regular access to relevant cyber expertise. Building this “muscle memory” in response to cyber risk can go a long way in reducing the impact of cyberattacks and enabling businesses to recover more quickly. Below are a few data points from a recent survey of APAC organizations:
59% of APAC organizations have experienced a cyber incident.
32% of such organizations have suffered multiple incidents.
36% of organizations do not have a response plan if an incident were to occur, which leaves companies at risk of being unable to handle an incident effectively.
62% of companies have appointed a data protection officer and a similar percentage have cyber security specialists on retainer. However, this still leaves 38% of APAC companies without cyber security specialists on hand to provide support in the event of an incident.
The top three cited causes of a cyber incident are malware, phishing and password attacks, which collectively account for over half of all incidents reported.
The most cited cause was malware (e.g., ransomware, spyware, viruses, etc.).
The two most cited impacts of a cyber incident were data loss (51%) and business interruption (49%). Both were also the top two business concerns with data loss (70%) followed by business interruption (58%).
Although both concerns are operational in nature, organizations are starting to understand the longer-term consequences of cyber incidents. Reputational damage, for example, is cited as a less common impact of an incident at 31%, but 50% of leaders surveyed are concerned about it.
To minimize the threat of a cyber incident, APAC organizations cited taking the following actions:
Implemented hardware and software security tools (70%)
Monitor endpoints, network, systems and applications (69%)
Conduct regular training (67%) for the business to stay aware of potential threats.
Increased budgets (64%) to address cyber security threats.
65% of survey respondents have moved to the cloud to address cyber security threats. It is important to keep in mind that transitioning to a cloud environment is a complex process. Therefore, it is good practice for companies to retain cyber experts to guide, test and assess cloud environments for gaps in security controls, and also assist with simulation exercises of incident response plans to build confidence in the cloud infrastructure.
Across the board, countries and cities across APAC could be more resilient to cyberattacks if they had more robust incident response plans in place and had more readily available access to experts. This would help companies address immediate cyber requirements, such as a breach incident, as well as consider cyber security for transitions over a longer-term basis, such as moving to a cloud-based infrastructure. Below are a few more takeaways from this analysis that relate specifically to APAC markets:
Australia was least likely to have an incident response plan in place; Hong Kong was the most likely.
Malaysia and the Philippines suffered the most incidents; Hong Kong suffered the least.
Data loss was a concern across the board, but those in Indonesia were more worried than others about reputational damage of an incident; Singaporean businesses were primarily worried about business interruption.
View from the Top – Boards and CISOs
Today cybersecurity has become a dominant topic on Board of Directors’ agendas. 76% of BoD participants in a recent survey reported that they discuss the topic at least monthly and view cybersecurity as a top priority for their board. Consequently, 75% believe their boards clearly understand the systemic risks their organizations face, and 76% assert they’ve made adequate investments in cybersecurity. However, this optimism may be misplaced.
Additional findings indicate 65% of board members believe their organization is at risk of a material cyberattack in the next 12 months, while 47% feel their organization is unprepared to cope with a targeted attack.
Notably, and contrary to the World Economic Forum’s findings that human error risk leads to 95% of all cybersecurity incidents, only 66% of board members view human error as their biggest cyber vulnerability.
While it is encouraging to learn that cybersecurity has become a focus of discussions across boardrooms, more direct collaboration and communication with CISOs will continue to be instrumental towards achieving organizational success while protecting people and data. Below are a few interesting takeaways from a recent survey on this specific topic:
There is disconnect between the boardroom and CISOs when evaluating the risk posed by today’s sophisticated cybercriminals. 65% of board members believe their organization is at risk of material cyberattack in the next 12 months compared to only 48% of CISOs.
Board members and CISOs have similar concerns about the threats they face. Board members ranked email fraud/BEC (Business Email Compromise) as their top concern (41%), followed by cloud account compromise (37%), and ransomware (32%). CISOs also rank email fraud/BEC and cloud account compromise as top concerns, but view insiders as their top threat whereas board members rate insiders as a lower concern.
Board members disagree with CISOs about the most important consequences of a cyber incident. Internal data becoming public is the most concerning for boards (37%), followed closely by reputational damage (34%) and revenue loss (33%). These concerns are in sharp contrast with those of CISOs, who are more worried about significant downtime, disruption of operations, and impact on business valuations.
High employee awareness doesn’t protect against human error. Though 76% of those surveyed believe their employees understand their role in protecting the organization against threats, 66% of board members believe human error is their biggest cyber vulnerability.
The relationship between boards and CISOs has room for improvement. There is a sharp variance in perspective between board members and CISOs; while 69% of board members report seeing eye-to-eye with their CISO, only 51% of CISOs feel the same.
Boards are warming up to regulatory oversight. 80% of survey respondents agree that organizations should be required to report a material cyberattack to regulators within a reasonable timeframe, and only 6% disagree.
In a related development, the Securities and Exchange Commission (SEC) in the U.S. recently proposed mandatory cyber representation on boards subject to their regulation.
“Board members play a key role in their organizations’ cybersecurity culture and cybersecurity posture. Board members have fiduciary and oversight responsibility for their organizations; therefore, they must understand the cybersecurity threats their organizations face and the strategy their organizations take to be cyber resilient,” said Dr. Keri Pearlson, executive director at Cybersecurity at MIT Sloan (CAMS). “Board members need to look for ways to make CISOs their strategic partners. With cybersecurity risk front and center on boardroom agendas, a better alignment of CISOs’ and boards’ cybersecurity priorities will only serve to improve their organizations’ protection and resilience.”
Do you have questions? We have answers.
FRONTEO eDiscovery experts are standing by to answer your questions about Artificial Intelligence and more.