Cyberthreats are growing in terms of financial impact and the landscape of cyber-attacks in Thailand has changed from IT infrastructure to operational technologies, according to the Cisco 2018 Asia Pacific Security Capabilities Benchmark Study.

Companies in Thailand do not address more than half of the legitimate cyberthreat alerts they receive.

The study was conducted by independent third-party researchers on more than 2,000 respondents across 11 countries — China, South Korea, Japan, Singapore, Thailand, Malaysia, Vietnam, Philippines and Indonesia, Australia and India.

Vatsun Thirapatarapong, managing director for Thailand and Indochina at Cisco, said cyberthreats are starting to evolve from just targeting IT infrastructure to operating infrastructure, intensifying the challenges for companies. Citing the survey, he said 36% of respondents have already seen cyber-attacks on their operational infrastructure, while 56% said they expect similar attacks within the next year.

“Fast adoption of Internet of Things in Thailand is a major factor opening for cyber-attacks,” he said.

According to the study, companies in Asia-Pacific receive up to 10,000 threats a day. That means six threats are received every minute.

However, only 50% of the total numbers of alerts are investigated.

Only 42% of executive leadership, from 2,000 respondents, consider cybersecurity a high priority, and 44% strongly agree that security roles and responsibilities within organisations should have a clear chain of command.

Cyber-attacks are having far-reaching ramifications that include financial and reputation losses to companies. In Southeast Asia, 51% of all cyber-attacks resulted in a loss of more than US$1 million (32.6 million baht). Nearly 10% of respondents said that cyber-attacks cost them more than $5 million. Some 33% of respondents in the study said a security breach can cost them anywhere between $1-5 million.

The form of cyber-attacks is also changing. Attackers are not just targeting IT infrastructure, but are also targeting operational technologies that impact the day-to-day functioning and running of a business.

Some 30% of organisations have already seen cyber-attacks along those lines, while 50% said they expect this to be the case moving forward.

In addition, 41% of Asia-Pacific respondents said their businesses would be affected if their operational infrastructure is compromised.

In addition to financial losses, cybersecurity incidents are also undermining Asia-Pacific organisations’ ability to gain confidence with their consumers and other stakeholders, with 72% remarking that greater privacy concerns from their customers is adding more time to their sales cycle. Nearly half say their sales cycle is delayed by more than a month.

In the coming year, executives also believe that scrutiny from stakeholders such as investors, insurance companies, regulators, business partners, executive leadership, watchdog/interest groups, the media, and employees will start to rise.

Among those surveyed, 74% say they receive more than 5,000 alerts each day. With the number of cyberthreats increasing rapidly, the real challenge lies in what comes after the alert is received, and how many are actually investigated.

The study shows that on average just 37% of the alerts received are investigated. Of those investigated, on average, 32% turn out to be legitimate, of which only 37% are acted upon and corrected. This suggests that more work is needed to help companies and security professionals in Thailand to tackle the rapidly evolving cyberthreat landscape.

The results of the study highlight the scale of the challenge faced by the companies, with 95% respondents saying their organisation has suffered a breach in the past year.

Cyber-attacks are also having significant financial impact on companies. Among those who suffered an attack in the past year, 74% say it cost them $500,000 or more, while 8% say the cost was $5 million or more. This includes costs from lost revenue, loss of customers, and out of pocket expenses etc.

“When it comes to cybersecurity, it is no longer a case of a company needing to protect just its own IT infrastructure. Today, business partners, customers, and employees expect a company to keep their data secure. With stringent regulations like the European Union’s General Data Protection Regulation coming into force, the pressure on companies to have the right policies, technology and resources in place will only increase. Those who lag behind run the risk of not only facing high financial penalties, but also losing the trust of customers,” said Stephen Dane, managing director of Security for Asia-Pacific, Japan and China at Cisco.

The use of multiple vendors and products is making the challenge more complex. Among those surveyed, 51% said their organisation works with more than 10 security vendors, while 65% use more than 10 security products or solutions. This creates complexity and increases vulnerability, as having different security products can lengthen the time to identify and contain a breach. The study highlights that companies are already facing this issue, with 44% of respondents saying they find it very challenging to orchestrate multiple vendor alerts.

The study suggested companies adopt next-generation end-point process monitoring tools; access timely, accurate threat intelligence data and processes that allow for data to be incorporated into security monitoring and events; implement first-line defence tools that can scale, like cloud security platforms; employ network segmentation to help reduce outbreak exposures; and practice security procedures.