70% of Singapore Firms Experienced Breach in Recent Cyber Attacks

New research from Armis, the asset intelligence cybersecurity company, shows organisations in Singapore are facing imminent cybersecurity challenges as a result of rising threats and outdated cybersecurity programs. Seventy percent of organisations in Singapore confirmed they had been breached at least once over the last 12 months and 26% admitted they experienced multiple breaches in the same period. These attacks had significant consequences, with over four in ten (43%) of respondents facing operational downtime, 37% experiencing financial loss and 30% having productivity loss and/or their data stolen.

“In Singapore, the public sector has taken significant steps to safeguard critical systems across the region,” said Gwen Lee, Regional Director, APJ, Armis. “However, the private sector’s actions are equally crucial in shaping our standing globally and strengthening the security posture of the region against emerging threats. Currently, there is an inadequacy in the traditional security measures being used to combat the high volume and frequency of increasingly sophisticated attacks. This needs to be addressed to ensure protection and continuous operation for all industries.”

Singapore organizations are struggling to prioritize their cybersecurity efforts and minimize threats due to a lack of visibility over their environment and the use of a high number of asset management tools and threat intelligence sources, which are too reliant on manual processes.

Key findings from Armis’ research, commissioned with Vanson Bourne, include:

Singapore Cybersecurity Teams Do Not Have a Complete View Of Their Attack Surface, Creating Blind Spots In Their Environment.

• For respondents in Singapore, their foremost challenge is currently Internet of Things (IoT) security, followed closely by concerns about outdated legacy infrastructure and balancing the need for security with the desire to innovate and adopt new technologies quickly.
• On an average business day, 56,000 physical and virtual assets are connected to organizational networks in Singapore companies. Regional respondents shared that only 51% of these assets are monitored, leaving half (49%) unmonitored.
• Half (50%) of Singapore businesses lack complete visibility over company-owned and managed assets in their environment.
• Organizations in Singapore cannot account for around 39% of their asset attributes when it comes to knowing things like asset location or the support status of these assets.

Singapore Organizations Struggle with A High Number Of Asset Management Tools And Threat Intelligence Sources To Understand Their Exposure To Risk. Without Much-Needed Automation, This Proves To Be An Uphill Battle.

• Singapore respondents, on average, indicated their organization uses 13 different tools to manage assets connected to their network, while 47% admit to still using manual spreadsheets.
• Organizations in Singapore consume 11 different and disparate sources of threat intelligence on average. And only between 50% to 56% of the processes related to threat intelligence are automated or orchestrated.
• Sixty-two percent of the information gathered from threat intelligence sources is actionable on average. Thirty-two percent of respondents from Singapore reported that their organization’s cybersecurity team feels overwhelmed by the volume of cyber threat information.
• Maximizing the use of Artificial Intelligence (AI) and Machine Learning (ML) was listed by Singapore respondents as the top priority for the upcoming year together with automating remediation.“New technologies are intended to benefit businesses but when left unmonitored and unmanaged, can become dangerous additions to an organization’s attack surface.

Security teams must be able to continuously understand, prioritize and lead the organization through the incremental remediation of risks and exposures of greatest potential strategic and operational impact; today and as the environment continues to evolve through transformation,” said Curtis Simpson, CISO, Armis. “Attackers will look to exploit any weakness possible to gain access to an organization’s network. The responsibility lies on organizations to ensure that they have the needed oversight to see, protect and manage all physical and digital assets based on what matters most to their business.”