IDC: Digital transformation investments lead to increased cyber threats for APAC
IDC has explored what the cyber threat landscape will look like in the new year, with a few key predictions around different attack models and possible solutions.
According to the analysts, digital transformation investments in Asia Pacific are poised to double, hitting US$921 billion in 2024. In fact, organisations will continue to adopt new technologies to transform their business operations in 2022.
In doing so, they will expand their digital attack surfaces and introduce new vulnerabilities to their fast-growing digital environments.
At the same time, the cyber threat landscape will persistently evolve. Cyber supply chain attacks, such as the SolarWinds attacks, will go unabated, the analysts state.
Technology service providers will remain attractive targets for threat actors due to the many organisations engaging their services for digital transformation.
Increasingly, threat actors will collaborate with each other to launch more sophisticated threat campaigns, IDC states.
The Ransomware-as-a-Service (RaaS) model is one example where cyber adversaries leverage each other's respective expertise to execute more effective attacks.
The RaaS model has led to the rise of the double extortion approach where threat actors demand ransom twice - one for decrypting the data and another for not leaking the stolen data online.
To pressurise victims into paying the ransom, the perpetrators threaten to publish their stolen data on questionable websites. This can have grave ramifications for the affected parties, triggering regulatory attention, financial penalties and loss of trust.
As cybersecurity demands continue to soar and evolve, organisations will not only increase their cybersecurity investment in 2022 but also shift their security approach, IDC states.
According to the analysts, almost 70% of Asia-Pacific organisations highlighted that security in their organisations is currently underinvested.
While increasing cybersecurity spending is a step in the right direction, it is equally important for organisations to invest in the right areas, IDC states.
With threats becoming increasingly prevalent and sophisticated, the predictive nature of an intelligence-led cybersecurity approach is vital for organisations' cyber defence arsenal.
Consequently, more organisations, especially the cyber mature ones, are likely to adopt this approach., building up their capabilities across several domains.
These include threat detection, threat monitoring and analytics, threat hunting and digital forensics, as well as incident responses and recovery.
This is key to building situational awareness and capabilities to identify, protect, detect, respond and recover from fast-changing security threats.
According to IDC, security analytics, intelligence, response and automation (AIRO) are poised to register the highest CAGR of 17.6% among the security technology segments, reaching US$2 billion in 2025 in Asia Pacific, excluding Japan.
In particular, cyber analytics solutions that harness the power of AI will become increasingly vital and prevalent in 2022. Traditional signature-based detection solutions can no longer keep up with more sophisticated threat actors and threats, IDC states.
By leveraging AI-powered cyber analytics, organisations can gain enhanced visibility over advanced threats, and stay ahead of emerging threats.
It is also a force multiplier that supports cyber teams, reducing alert fatigue and improving focus via triage of prioritised correlated incidents, the analysts state.