Juniper Networks and Ovum Research Report: Threat-Alert Fatigue Among Enterprises in Asia Pacific Due to Increased Cloud Adoption

CIOL Bureau

A new report from Juniper Networks and Ovum Research has revealed that many network security threats today go uninvestigated, with IT professionals struggling to accurately prioritize alerts due to the overwhelming volume generated in an increasingly cloud-reliant work landscape.

The report – ‘Too Much of a Good Thing? Enterprise Cybersecurity Adoption Trends Across Asia-Pacific’ – polled 350 companies and public-sector organizations across 11 countries including China, India, Japan, Korea, Australia and Singapore. Across the region, more than 42 per cent of respondents shared that they were dealing with approximately 50 alerts a day, although only a small fraction of them required further investigation. In India, eight per cent of respondents said they were receiving more than 1,000 alerts a day and almost half reported more than 50 threats a day, making India the second-highest cybersecurity-prone market after China.

In addition to threat-alert fatigue, the report also highlighted several other key findings, including an over-reliance on cloud service providers to secure data and a proliferation of security tools. Respondents were also surveyed on how they have protected their existing infrastructure, as well as how far they have moved and secured their corporate workloads in the cloud.

The findings all indicate a need for enterprises to consider adopting a centralized security management platform and the importance of implementing automation to better prioritize the growing number of threat alerts.

Report Highlights

Improved Alert Prioritization Combats Threat Fatigue

With the increasing number and variety of threat alerts emerging, it is becoming increasingly difficult for security teams to respond to the ones that matter. For instance, the report shows that financial services institutions are dealing with hundreds of thousands of alerts daily. Additionally, the majority of these alerts were ultimately not important enough to merit further action. Nearly two-thirds of all respondents indicated that less than 10 per cent of all alerts are legitimate and require further attention.

In India, 8 per cent of respondents say they receive over 1,000 threat alerts a day, the highest reported in APAC. More significantly, only 30 per cent of respondents from India reported that 10 per cent or less of those threats are legitimate, while only 12 per cent say that over half of the threats they receive warrant further investigation.

Improved Centralized Security Management is a Must

As cybercriminals discover new ways to mount attacks and respond in real-time to emerging revenue opportunities, the report revealed that enterprise decision makers have responded to this by deploying patchworks of new security solutions. This, over time, creates siloed security tools, each reporting to their own dashboard.

More than half of the companies surveyed with over 1,000 branches in operation around APAC said they were managing over 100 tools – a clear indicator of the growing need for centralized management, particularly as organizations scale up.

· In India, while almost 30 per cent of respondents shared that they were managing more than 50 tools for this purpose, 45 per cent reported higher levels of using a centralized security platform or have implemented a Security Incident and Event Management (SIEM) centre – the highest in the APAC region.

· Overall, the findings across the region further reinforced the need for a centralized security management platform and for improved threat alert prioritization based on the total amount of alerts received each day, with 50 per cent indicating having to deal with over 50 alerts daily. The challenge is exacerbated in larger organizations with larger branch networks, with 8 per cent of these companies receiving more than 1,000 alerts daily.

In addition, automation of key security operation tasks is being widely adopted to more effectively prioritize and analyze alerts, enabling security teams to respond faster to the most crucial threats.

Reducing Reliance on Communication Service Providers (CSPs) to Manage Data Security is a Rising Priority

The report showed that, while APAC organizations have widely embraced SaaS applications, a more meaningful way to gauge longer-term cloud adoption trends would be the degree to which corporate applications have migrated to either IaaS or PaaS environments. Across the APAC region, nearly half of organizations surveyed (47 per cent for smaller; 42 per cent for larger) admitted they rely entirely on their CSP.

· In India, the findings highlight a healthy uptake of this migration, with almost 70 per cent of respondents sharing that between 11 and 50 per cent of all their corporate workloads have already been migrated to either an IaaS or PaaS platform. Additionally, almost 20 per cent of respondents from larger companies (with over 1,000 branches) also shared that more than 50 per cent of their corporate workloads have been migrated to IaaS or PaaS platforms.

· When it comes to securing these workloads, the report indicated that over 30 per cent of respondents from India have opted for on-premise security tools to protect their workloads in the cloud, almost the same amount as those that depend on their CSPs.

· The findings indicate that India is fast outperforming other APAC markets with its high levels of workload being moved to the cloud and their adoption of cloud-based security tools.