Organisations in Việt Nam are facing longer downtimes caused by cybersecurity breaches, compared to the regional and global averages.— Photo Cisco |
HÀ NỘI — Organisations in Việt Nam are facing longer downtimes caused by cybersecurity breaches, compared to the regional and global averages, according to a recent Cisco study.
The Cisco’s 2019 Asia Pacific CISO Benchmark Study was released this week.
Almost a third of companies in Việt Nam were offline for 24 hours or more after their most severe breach in the past one year, compared to just four per cent globally and 23 per cent in the Asia Pacific region.
The Việt Nam number is a huge rise from last year, when only 15 per cent of organisations in the country suffered downtime of 24 hours or more.
The study is based on a survey of almost 2,000 security professionals from across the region. It highlights that security practitioners in Việt Nam are being kept busy.
According to the study, 36 per cent of respondents reported receiving more than 10,000 threat alerts a day, while 26 per cent said they received more than 50,000 alerts per day.
With a high number of cyber threats, the real challenge lies in what comes after an alert is received, how many of the alerts are investigated, and how many of those found to be genuine are eventually remediated.
The good news is that companies in Việt Nam are doing better than the Asia Pacific average on both those fronts.
According to the study, businesses investigated 51 per cent of the threats, compared to 44 per cent across Asia Pacific.
Of the threats found to be genuine, 45 per cent were addressed, up from 44 per cent last year.
Companies in Việt Nam are doing better in remediating legitimate alerts compared to the regional and global averages, which stood at 38 per cent and 43 per cent respectively.
Vietnamese companies have also seen a big decline in the financial impact of cyber breaches. Among the respondents, 18 per cent said the most severe breach in the past one year cost them more than one million dollars. This is a huge decline from a year ago, when 77 per cent of companies reported a financial impact of a million dollars or more.
According to Lương Thị Lệ Thủy, managing director at Cisco Việt Nam as digital maturity and adoption increases across Việt Nam, there has been an increased awareness of cybersecurity among businesses.
“This is crucial because we will see more users and devices come online in the next few years,” she said.
“While this means greater opportunity for businesses, it also means the attack surface would increase exponentially, exposing businesses to more threats and cyber risks.
“Security can no longer be an afterthought; it needs to be the underlying foundation of any digitalisation effort.”
The study highlights that the use of multiple vendors is adding to the complexity for security professionals.
According to the report, 31 per cent of companies are using more than 10 vendors. While the number is better than the global average of 39 per cent, it is still posing a challenge for companies.
When asked how challenging it is to manage a multi-vendor environment, 76 per cent said it was somewhat or very challenging to orchestrate multiple vendor alerts. This is in line with the global trend, with 79 per cent of respondents across the world highlighting this as an issue.
Kerry Singleton, director of cybersecurity for ASEAN at Cisco, said: “Complexity due to a multi-vendor environment and the increased sophistication of businesses with operational technology networks and multi-cloud adoption continue to challenge security practitioners in Asia Pacific.
“As organisations look to reduce the impact of a cybersecurity breach, they need a simplified and systematic approach to security in which solutions act as a team, and learn, listen and respond as a coordinated unit.”
The study also pointed out the top three barriers for adopting advanced security technologies in Việt Nam, including lack of trained personnel (47 per cent), lack of knowledge about advanced security processes and technology (40 per cent) and budget constraints (36 per cent).
The lack of trained personnel is an issue for a greater number of companies in Việt Nam this year compared to 2018, when only 37 per cent of organisations cited it as a main challenge.
When it comes to data breaches and the improvements that were made following a breach, the top improvement among Vietnamese companies was to increase security awareness training among employees (62 per cent), followed by increased investment in security defense technologies or solutions (48 per cent) and increased focus on preventing security breaches caused by employee-owned mobile devices (46 per cent). — VNS