• About
  • Subscribe
  • Contact
Friday, May 9, 2025
    Login
FutureCISO
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
FutureCISO
No Result
View All Result
Home Process

Asia's FSI sector is riddled with vulnerable cyber assets

FutureCISO Editors by FutureCISO Editors
August 29, 2024
Asia's FSI sector is riddled with vulnerable cyber assets

Photo by Khanh Nguyen: https://www.pexels.com/photo/a-building-with-palm-trees-in-front-of-it-27023334/

Share on FacebookShare on Twitter

A Tenable study revealed alarming cybersecurity vulnerabilities within Southeast Asia’s banking, financial services, and insurance (BFSI) sector. The research identified over 26,500 internet-facing assets across the region’s top organisations, indicating significant exposure to potential cyberattacks.

The study examined the external attack surfaces of more than 90 BFSI companies, focusing on those with the largest market capitalisations in Indonesia, Malaysia, the Philippines, Singapore, Thailand, and Vietnam. Findings showed that the average institution has nearly 300 vulnerable assets, highlighting the pressing need for enhanced cybersecurity measures. Singapore topped the list with over 11,000 exposed assets, while Thailand followed with more than 5,000.

The study unveiled several critical cyber hygiene issues, including outdated software, weak encryption, and misconfigurations. One notable concern was the presence of nearly 2,500 assets still supporting TLS 1.0, a security protocol now considered obsolete. This underscores the challenges these organisations face in identifying and updating outdated technologies.

Additionally, more than 4,000 assets meant for internal use were inadvertently exposed to the internet, increasing the risk of unauthorised access. The lack of encryption on over 900 URLs further exacerbated security weaknesses, making sensitive data vulnerable to interception.

The research also highlighted risks associated with Application Programming Interfaces (APIs), with over 2,000 identified as vulnerable. Inadequate authentication and insufficient access controls within these APIs can create significant security gaps, allowing malicious actors to exploit weaknesses.

Nigel Ng

Nigel Ng, senior vice president at Tenable APJ, emphasised the urgency of addressing these vulnerabilities. He stated that effective exposure management is crucial for safeguarding digital assets and maintaining customer trust. As the cybersecurity landscape rapidly evolves, financial institutions must prioritise identifying and securing their exposed assets to mitigate the risks posed by increasing cyber threats.

  • Editor's note: The report is not publicly available.
Related:  Sophos and Tenable to launch new vulnerability and attack surface management service
Tags: BFSITenablevcyber assets
FutureCISO Editors

FutureCISO Editors

No Result
View All Result

Recent Posts

  • DDoS attacks surge in Asia Pacific, claims Cloudflare
  • Reimagining security for the AI Era
  • PodChats for FutureCISO: Articulating the business value of security in 2025
  • New standard for cybersecurity at the storage layer
  • Cybersecurity challenges persist despite improved defenses

Categories

  • Blogs
  • Compliance and Governance
  • Culture and Behaviour
  • Cybersecurity careers
  • Data Protection
  • Endpoint Security
  • Incident Response
  • Network Security
  • People
  • Process
  • Resources
  • Risk Management
  • Technology
  • Training and awarenes
  • Videos
  • Webinars and PodChats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCISO serves the interests of the Chief Information Security Officer (CISO) and the information security profession. Its purpose is to provide relevant and timely industry insights around all things important to security professionals and organisations that recognize and value the importance of protecting the organisation’s data and its customers’ privacy.

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
Login

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl