APAC come last for intrusion detection
A new FireEye report shows IT teams in the APAC region lagging behind the rest of the world when it comes to intrusion detection: median dwell time in APAC is 172 days.
Their report, titled Cyber Evolution: En Route to Strengthening Resilience in Asia-Pacific, shows the average number of days between initial network breach and detection of the intrusion globally is 99 days. This means the APAC figure, at 172 days, is almost double. This worrying statistic shows that cyber criminals will on average spend almost six months unseen inside compromised networks – mapping network architecture, assessing valuable data, moving laterally across systems, disrupting operations and more.
Co-authored by Rob van der Ende, VP APAC at Mandiant, and Jaclyn Yeo, Senior Risk Analyst at Marsh & McLennan, the report pulls no punches, saying that although “cyber risk is perceived as a top risk across APAC, this perception is inconsistent with the region’s level of preparedness”, and that the current situation has arisen thanks to complex geopolitical tensions, years of underinvestment in cyber security and a chronic shortage of qualified cyber security talent in the area.
Whilst financial services tops the attacks surveyed, the energy sector comes a close second, with manufacturing and telecoms following up a close second. Critical infrastructure across the APAC region has long been criticised for a lack of readiness to combat advancing cyber threats, and 2018 could be the year – following on from the Triton attack disclosed late last year – that a devastating attack takes place in the region.
Thankfully, this year both Singapore and Australia are adopting mandatory breach notification laws, which should hopefully have a positive trickledown effect on neighbouring governments. In the USA and Europe, protocols issued from NIST or the European Union help regulate standards and push best-practice adoption, but the APAC region has no such binding cyber authority in place yet. As a result, most APAC countries are not legally obliged to report any cyber incidents, organisations take advantage of the opportunity to stay silent.