The vast majority of APAC organisations believe zero trust frameworks are crucial in the aftermath of COVID-19.
This is a key finding from the new Frost - Sullivan study commissioned by Ivanti, the automation platform provider.
Entitled ‘Embracing Secure Access in a World of Rapidly Expanding Virtual Borders' the research investigates the impact of the COVID-19 pandemic on cybersecurity and compliance attitudes and behaviours in Singapore, Australia and New Zealand.
According to the study, the pandemic has negatively impacted business for enterprises in the Asia Pacific region.
Most respondents experienced a moderate 1-9% reduction in business demand, with Australia having the highest percentage of respondents reported (80%), compared to those in New Zealand (73%) and Singapore (59%).
Overall, 38% of respondents said that their main strategy was to focus on IT operations to maintain business operations for their remote workforce during COVID-19.
However, more than 40% of the respondents in Australia and New Zealand stated that they focused more on cybersecurity to better protect their organisation from attacks.
When it comes to cloud adoption during COVID-19, most respondents indicated their organisation adopted cloud more during the pandemic, especially those in Australia and New Zealand, with 64% and 57% of respondents agreeing that their organisation adopted cloud more during the pandemic respectively.
The study also finds that devising the right security formula for today's hybrid, adaptive modern enterprise is a top priority.
Consolidation and integration of solutions was very important to 71% of respondents across Singapore, Australia, and New Zealand.
At the same time, the importance of zero trust frameworks increased across the board with 75% of all enterprises surveyed during the pandemic stating that this was very important, compared to the 64% that stated the same before the pandemic.
With cybercriminals now targeting the underlying technologies that support a growing remote workforce, including video conference platforms, project management and collaboration tools, and virtual private networks (VPNs), manual and disparate security tools are not going to be sustainable for IT teams, the research finds.
Enterprises are therefore recommended to adopt a strategic approach that focuses on the following:
Complete visibility and centralised control by deploying solutions that provide a single view of threats, technology management, vulnerabilities and perceived risks across an organisation's entire environment.
When enterprises enter the market for new security vendors, the key features they need to look for include threat detection and response, penetration testing, vulnerability testing and scanning and security technology management.
Support for multi-cloud and diverse environments to address the mounting challenge of protecting globally dispersed data and compute environments.
Enterprises are looking to take a security stance that encompasses assets in all environments, whether on-premises, public clouds, private clouds, or a mixed setup, the study finds.
Frost - Sullivan associate director and head of Asia Pacific Cyber Security Practice Kenny Yeo says, "To secure digital assets in the new everywhere workplace, security leaders need complete visibility into all endpoints that connect to their networks.
"They also need to ensure that only trusted users, devices, and applications can access corporate resources.
"Deploying an integrated security platform that features best-in-class contextual automation and zero trust capabilities is the best way to reduce the risk of breaches and future-proof businesses."
Ivanti area vice president ANZ Matthew Lowe says, "COVID-19 has permanently changed the way we work and created new security challenges for organisations.
"IT networks are now being accessed from everywhere, with employees increasingly using various devices to access corporate data and stay productive as they work from anywhere.
"Organisations urgently need to adopt a zero trust strategy in order to continually verify each asset and transaction before permitting any access to the network."