Organisations in the Asia Pacific (APAC) region consider cloud infrastructures, including public, private, and hybrid models, as their greatest source of cybersecurity risk, according to Tenable®, Inc., an exposure management company.
This concern, shared by 70% of APAC cybersecurity teams, is the highest globally, surpassing Latin America (66%), Europe, Middle East and Africa (64%), and the United States (62%). Notably, nearly half (46%) of APAC respondents reported inadequate visibility into potential misconfigurations within their cloud infrastructure.
As well as specific cloud security concerns, the Tenable study highlights that 57% of APAC respondents express that a lack of data hygiene in user data and vulnerability management systems prevents employees from making prioritisation decisions.
These findings are part of the APAC edition of "Old Habits Die Hard: How People, Process, and Technology Challenges Are Hurting Cybersecurity," a comprehensive report based on a 2023 survey of 825 global cybersecurity and IT leaders, including 219 from APAC, conducted by Forrester Consulting on behalf of Tenable.
The report underscores the intricacies of modern IT infrastructure, emphasising the numerous opportunities for misconfigurations and overlooked assets due to the reliance on multiple cloud systems, identity and privilege management tools, and web-facing assets.
A critical organisational gap highlighted in the study is the delayed involvement of cybersecurity teams in cloud service selection and deployment processes, with only 31% of APAC teams being consulted early enough. This scenario is compounded by instances where nearly 4 out of 10 (37%) respondents reported that business and engineering teams purchase and deploy cloud services without the knowledge of cybersecurity teams, underscoring the need for earlier and more integrated cybersecurity engagement in organisational decision-making.
The study not only illuminates the heightened cybersecurity risks in cloud infrastructures across the APAC region but also brings to light the critical organisational gaps in current security practices. The findings underscore a pressing need for a paradigm shift from traditional, reactive security approaches to a more proactive, integrated strategy, particularly in cloud environments.
Nigel Ng, vice president, Tenable APJ, emphasises this necessity: “The evolving complexity of cloud infrastructures demands a proactive security posture. By anticipating and addressing vulnerabilities before they can be exploited, organisations can significantly enhance their resilience against cyber threats. This shift is not just about technology; it's about transforming the way we think about and manage cloud security. This proactive approach is vital for organisations to stay ahead of the rapidly changing cyber threat landscape and secure their cloud infrastructures effectively.”
Re-disseminated by The Asian Banker