Fifty-one percent of respondents in the Asia Pacific have experienced a cyberattack originating from a digital asset they didn’t know about or didn’t manage, this is according to the survey conducted jointly by MIT Technology Review and cybersecurity vendor Palo Alto Networks.

The research is based on a multi-industry poll of more than 728 technology decision-makers across more than a dozen global industries, including information technology, telecommunications, manufacturing, pharmaceuticals, health care, and retail.

The poll showed that from 51% of the attacked companies, 16% expect such an attack eventually.

Palo Alto Networks updates Prisma Access solution for remote workers
Palo Alto Networks discovers malicious scans on Microsoft Exchange 5 minutes after disclosure

“This data makes all too clear the reality of unknown or unmanaged assets: they are a major security risk, and the only way to protect yourself is to have a complete and up-to-date inventory of all internet-facing assets,” says Tim Junio, SVP of products for Cortex at Palo Alto Networks.

Cloud-based assets

As companies continue to accelerate their digital transformation strategies, more and more of their operations are being moved to cloud environments. Cloud-based assets comprise most cybersecurity exposures. According to Palo Alto Networks research, 79% of observed issues come from the cloud while 43% of respondents report that more than half of their digital assets are in the cloud.

“Our research shows that 70% of companies report a secure cloud management strategy is key to avoiding cybersecurity attacks. And 67% of respondents realize that continuous asset monitoring is the cornerstone of that strategy,” says Laurel Ruma, editorial director at MIT Technology Review Insights, US.

Unique challenges such as varied cyber maturity across the region and being unprepared to pivot to remote work during the pandemic have heightened the urgency to establish cybersecurity strategies.

The heightened awareness of cybersecurity has made executives pay more attention to their security postures with 68% of respondents say their organization’s board of directors will request an attack surface management plan for cybersecurity this year.

Monitor assets

MIT Technology Review and Palo Alto Networks said that conducting a full inventory of internet-connected digital assets — from laptops to cloud applications — and rebooting cybersecurity policies for today’s modern remote work environment can mitigate risks.

The two entities urge companies to formulate strategies to mitigate cyber-related vulnerabilities. Organizations must gain control over “shadow IT,” which is rogue purchases of cloud services and installments of IoT-type connected devices. Shadow IT opens the doors for bad actors. Smart locks and other types of mobile access applications for employees can allow hackers to gain access to corporate networks.

Companies are also advised to monitor inventory like 46% of the respondents. It allowed them to discover unknown or unprioritized digital assets. However, only 31% report taking such action just once per month or less frequently.

Having dedicated cybersecurity experts is imperative to create strong security postures. With cyberattacks evolving, competitive salaries, stimulating projects, and opportunities for upskilling can help organizations attract and retain top talent. Even employees without extensive cybersecurity skills can mitigate security risks by increasing their understanding of the threat landscape.

Ultimately, having outsourced cybersecurity will allow organizations to tap into a reservoir of skills and experience they wouldn’t otherwise have. The poll reveals that only 29% of APAC respondents turn to outside experts.