A new report from Juniper Networks and Ovum Research has revealed that many network security threats today go uninvestigated, with IT professionals struggling to accurately prioritize alerts due to the overwhelming volume generated in an increasingly cloud-reliant work landscape.
The report – ‘Too Much of a Good Thing? Enterprise Cybersecurity Adoption Trends Across Asia-Pacific’ – polled 350 companies and public-sector oganizations across 11 countries including China, India, Japan, Korea, Australia and Singapore. Across the region, more than 42 percent of respondents shared that they were dealing with approximately 50 alerts a day, although only a small fraction of them required further investigation. In India, eight percent of respondents said they were receiving more than 1,000 alerts a day and almost half reported more than 50 threats a day, making India the second-highest cybersecurity prone market after China.
In addition to threat-alert fatigue, the report also highlighted several other key findings, including an over-reliance on cloud service providers to secure data and a proliferation of security tools. Respondents were also surveyed on how they have protected their existing infrastructure, as well as how far they have moved and secured their corporate workloads in the cloud.
The findings all indicate a need for enterprises to consider adopting a centralized security management platform and the importance of implementing automation to better prioritize the growing number of threat alerts.
Report Highlights
Improved Alert Prioritization Combats Threat Fatigue
With the increasing number and variety of threat alerts emerging, it is becoming increasingly difficult for security teams to respond to the ones that matter. For instance, the report shows that financial services institutions are dealing with hundreds of thousands of alerts daily. Additionally, the majority of these alerts were ultimately not important enough to merit further action. Nearly two-thirds of all respondents indicated that less than 10 percent of all alerts are legitimate and require further attention.
In India, 8 percent of respondents say they receive over 1,000 threat alerts a day, the highest reported in APAC. More significantly, only 30 percent of respondents from India reported that 10 percent or less of those threats are legitimate, while only 12 percent say that over half of the threats they receive warrant further investigation.
Improved Centralized Security Management is a Must
As cyber criminals discover new ways to mount attacks and respond in real-time to emerging revenue opportunities, the report revealed that enterprise decision makers have responded to this by deploying patchworks of new security solutions. This, over time, creates siloed security tools, each reporting to their own dashboard.
More than half of the companies surveyed with over 1,000 branches in operation around APAC said they were managing over 100 tools – a clear indicator of the growing need for centralized management, particularly as organizations scale up.
- In India, while almost 30 percent of respondents shared that they were managing more than 50 tools for this purpose, 45 percent reported higher levels of using a centralized security platform or have implemented a Security Incident and Event Management (SIEM) center – the highest in the APAC region.
- Overall, the findings across the region further reinforced the need for a centralized security management platform and for improved threat alert prioritization based on the total amount of alerts received each day, with 50 percent indicating having to deal with over 50 alerts daily. The challenge is exacerbated in larger organizations with larger branch networks, with 8 percent of these companies receiving more than 1,000 alerts daily.
In addition, automation of key security operation tasks are being widely adopted to more effectively prioritize and analyze alerts, enabling security teams to respond faster to the most crucial threats.
Reducing Reliance on Communication Service Providers (CSPs) to Manage Data Security is a Rising Priority
The report showed that, while APAC organizations have widely embraced SaaS applications, a more meaningful way to gauge longer-term cloud adoption trends would be the degree to which corporate applications have migrated to either IaaS or PaaS environments. Across the APAC region, nearly half of organizations surveyed (47 percent for smaller; 42 percent for larger) admitted they rely entirely on their CSP.
- In India, the findings highlight a healthy uptake of this migration, with almost 70 percent of respondents sharing that between 11 and 50 percent of all their corporate workloads have already been migrated to either an IaaS or PaaS platform. Additionally, almost 20 percent of respondents from larger companies (with over 1,000 branches), also shared that more than 50 percent of their corporate workloads have been migrated to IaaS or PaaS platforms.
- When it comes to securing these workloads, the report indicated that over 30 percent of respondents from India have opted for on-premise security tools to protect their workloads in the cloud, almost the same amount as those that depend on their CSPs.
- The findings indicate that India is fast outperforming other APAC markets with its high levels of workload being moved to the cloud and their adoption of cloud-based security tools.