Cisco 2019 Asia Pacific CISO Benchmark Study sees Malaysia improve over last year!

Cisco released Cisco’s 2019 Asia Pacific CISO benchmark Study, in which they revealed their analysis of Asia Pacific’s cyber security performance and risk assessment. The studies is based on a survey that sampled 2,000 security professionals from across the region. Within this sample, 10% of them of them are Malaysian.

In the studies, it shows that Malaysia:

• According to a survey of 2000 security professionals, 44% state they received more than 10,000 threats daily, while 36% received more than 50,000 threats daily.
• Malaysian companies are able to investigate 44% of the threat alerts they received in 2019, a 4% improvement over the 40% in 2018. This is better than the Asia Pacific and the global average, which stand at 38% and 43%, respectively
• Malaysia faced longer downtime compared to the rest of Asia Pacific region and the world, with 27% of companies facing downtimes of 24 hours or more, while only 23% in Asia Pacific and 4% globally faced such long downtimes. In 2018, only 9% of Malaysian organization faced such long downtime periods, so this is a huge step backwards.
• Malaysia sees improvements when it comes to using multiple security vendors, dropping from 39% in 2018 to 35% last year. 90% of companies found it challenging to manage multiple vendors’ security alerts, which is higher than the Asia Pacific (88%) and global (79%) averages. 

Albert Chai, Managing Director of Cisco Malaysia shared:

“As digital adoption gathers pace in Malaysia, we are seeing an increased awareness of cyber security among businesses. This is crucial because the success of the digital economy hinges in large part on businesses ability to tackle cybersecurity risks. For companies to be able to do that, security can no longer be an afterthought; it needs to be the underlying foundation of any digitization effort. While we are seeing some positive trends, a lot more needs to be done to ensure that businesses are well prepared to tackle any issues on this front”

Albert Chai, Managing Director Malaysia at CISCO

Kerry Singleton, Director Cybersecurity of Asean Cisco points out

“Complexity due to a milti-vendor environment and the increased sophistication of businesses with OT networks and multi-cloud adoption continue to challenge security practitioners in Asia Pacific. As organizations look to reduce the impact of a cybersecurity breach, they need a simplified and systematic approach to security in which solutions act as a team, and learn, listen and respond as a coordinated unit.”

“One way for organizations to simplify security is by considering a Zero Trust approach which looks at security in three key areas – workforce, workload and workplace. Doing so enables organizations to protect users and their devices against stolen credentials, phishing and other identity-based attacks, manage multi-cloud environments and contain lateral movement across the network.”

The Cisco’s 2019 Asia Pacific CISO benchmark Study also point out that Malaysia organization’s top barriers for adopting advance security technology being:

• Organizational culture / attitude about cybersecurity: 43% (Yes that superior that ignored your warning)
• Budget constraints: 38%
• Lack of trained personnel: 38% (End up the IT has to do it all)
• Lack of awareness of advanced security technologies and processes: 38%

We also understand that following an attack, an organization more often taken the following actions:

• Security awareness training among employees: 56%
• Enforcement of data protection laws and regulations: 44%
• Focus on preventing security breaches caused by employee-owned mobile devices: 37%
• Focus on risk analysis and mitigation: 37%

For more information about the report, please check out Cisco study in this link.

Pokdepinion: It goes to say that we are more likely to react to an issue than to prevent the issue altogether.