CDNetworks Survey Unveils Critical Gaps in Cybersecurity Preparedness That Might Be Putting Businesses at Risk

A significant number of businesses in Southeast Asia remain unprepared for the rapidly evolving cybersecurity threats. This is one of the critical insights from the “State of Cloud Security: Are Businesses Addressing Key Vulnerabilities in 2024?” survey, conducted by CDNetworks, the APAC-leading network to deliver edge as a service, and AOPG Insights, the research arm at Disruptive Tech News.

According to the survey, 20% of the respondents admit experiencing a cyberattack at least once in the last 12 months while 40% say they are unsure. The former indicates a clear gap in cybersecurity that cyber criminals have already exploited; the latter, on the other hand, highlights potential inadequacies in cybersecurity, notably a glaring lack of awareness and inadequate security monitoring within the organisation.

CDNetworks Findings

This gap is only magnified by the plethora of threats that can potentially harm organisations. The most notable of these grave threats, which could compromise operational efficiency, cause reputational damage, and reduce profits, include:

• Distributed Denial-of-Service (DDoS) Attacks: These attacks overwhelm a system with traffic, making it unavailable to legitimate users’ environments.
• Automated Bot Attacks: Malicious bots can be used to automate tasks such as credential stuffing, account takeover attempts, and scraping sensitive data.
• Ransomware: This type of malware encrypts an organisation’s data, rendering it inaccessible until a ransom is paid.
• SQL Injection: Attackers exploit vulnerabilities in web applications to inject malicious code that can steal sensitive data.
• Cross-Site Scripting (XSS): Hackers inject malicious scripts into websites that can steal user data or redirect them to phishing sites.

There’s also the dreaded OWASP Top 10, a list of the most critical security risks to web applications:

1. Insufficient logging and monitoring.
2. Broken access control.
3. Injections.
4. Cryptographic failures.
5. Identification and authentication failures.
6. Vulnerable and outdated components.
7. Server-side request forgery.
8. Insecure design.
9. Security misconfiguration.
10. Software and data integrity failures.

Amid the rising tide of threats, this is perhaps the worst time to have any gaps in cybersecurity. Organisations in the region seem to be well aware of the stakes, with 51% of respondents surveyed saying cybersecurity is now their critical priority. The numbers back up this increased focus on security, with organisations primarily using Distributed Denial-of-Service (DDoS) protection (72%), cloud-based WAF (Web Application Firewall) (7 0%), and API protection (55%) to safeguard their cloud environment – choices that indicate a high awareness of common cloud security threats, notably DDoS attacks, web application vulnerabilities, and unsecured APIs.

This more proactive approach is encouraging; however, it might not nearly be enough, not with the diversity of threats that could compromise an organisation. But it is a great first step to implementing a defence-in-depth security strategy that CDNetworks highly recommends in its “State of Cloud Security: Are Businesses Addressing Key Vulnerabilities in 2024?” report. Defence-in-depth relies on a multi-layered approach to cloud security, where multiple layers of security controls are deployed to protect the organisation’s cloud environments from different threats.

These threats are only multiplying by the day – and growing more sophisticated by the minute. And that means it is now time to implement defence-in-depth.

“The findings of our survey clearly indicate that the cybersecurity landscape in Southeast Asia is fraught with challenges that many businesses are not fully equipped to handle. With the rapid evolution of cyber threats, it’s imperative for organisations to adopt a robust, multi-layered security strategy”, said Yien Wu, Head of Sales, SSEA from CDNetworks. He continues, “At CDNetworks, we advocate for a defence-in-depth approach, ensuring that every layer of your cloud environment is fortified against potential attacks. Now more than ever, businesses must prioritise comprehensive security measures to safeguard their operations and maintain trust with their customers.”

Learn more about this holistic security approach, the threats organisations are facing, and the different security strategies to deploy by downloading the full “State of Cloud Security: Are Businesses Addressing Key Vulnerabilities in 2024?” report by CDNetworks and AOPG Insights.

Link to the whitepaper can be found here.