Confirming the limited use of security automation in North Asia, a latest report revealed that only 24% of organisations in the region are using advanced automation for protection against cyberattacks.
This is despite the claim of security leaders polled for the survey that they could confidently reduce nearly 50% of all serious security incidents with better security automation.
“There is a real opportunity for organisations to leverage automation to drive operational efficiency and address known security incidents, allowing operational teams to focus on higher risk threats. This has the potential to reduce staff burnout and better safeguard vital business assets,” said Paul Abfalter, head of North Asia at Telstra.
Telstra, in partnership with research firm Omdia, surveyed 250 senior technology decision makers at the end of 2022, to understand the state of Security Operations (SecOps) in North Asia, assessing security automation maturity across a range of complex technology environments and threats.
The purpose of the survey was to discover how organisations secure and defend their business from threats through automation, by exploring security automation maturity across the technology stack and end-to-end threat management.
The newly launched whitepaper aims to arm security executives with the insights they need to bolster their organisational cybersecurity resilience and support their ongoing digital transformation projects.
Automation vital in cybersecurity
According to Adam Etherington, senior principal analyst for digital enterprise services at Omdia, growing concern over cybersecurity is a potential constraint to digital ambitions in North Asia.
Survey results showed a third (32%) of companies in North Asia have seen an increase in cyber-attacks over the past 12 months across their entire IT stack, most notably endpoints, network and operational technology devices. And 66% of organisations that experienced significantly increased serious security incidents also observed a surge in serious breaches.
Furthermore, 40% of firms lost revenue due to these attacks, 38% suffered reputational damage and 34% sustained operational downtime.
“Security automation is vital to address this challenge,” Etherington pointed out. “Leveraging automation in SecOps can enrich threat telemetry, unify toolsets, and harness AI/ML advancements to better protect, detect and respond to advanced persistent threats.”
Paul Etherington, Omdia
However, he cautioned companies against relying solely on technology to protect their organization.
“Technology alone won't solve the problem. Third party expertise is critical to address people, process and tool impacts within each firm's industry context, regulatory requirements, and corporate objectives.”
Dealing with false positives
The research also revealed that although many organisations are investing in additional cybersecurity platforms to overcome rising incidents and breaches, this has resulted in sprawling toolsets that generate a higher volume of alerts and false positives.
The survey found that a large volume of threat alerts, alarms, tickets, and possible incidents generated by various security tools are causing issues for security professionals.
The false positives overwhelming security teams are caused by a dramatic increase in the attack surface as more operational technology (OT) devices become integrated with IT systems, lagging patch and device management across legacy technologies and a wide variety of non-integrated toolsets.
“Security executives must continually assess their organisational cybersecurity resilience to support ongoing digital transformation, leverage the right cyber partner and unlock value from security tools."
Paul Abfalter, Telstra
"Reaching optimised automation can be a long journey. It is important to work with experienced and trusted specialists to discover the best adoption and operational model for your organisation,” he added.