Thailand: Cybersecurity tech deficit

• Jan 05, 2022

At a time when the need to guard against cyber threats is more urgent than ever, 52% of the cybersecurity technology used by companies in Thailand is considered not up to the task, say tech professionals surveyed by Cisco Systems.

The findings are part of the multinational networking equipment company’s global survey, “Security Outcomes Study Volume 2”, based on responses from more than 5,100 security and privacy professionals in 27 markets, including more than 2,000 professionals from 13 markets in Asia Pacific.

Respondents shared their approaches to updating and integrating their security architecture, detecting and responding to threats and staying resilient when disaster strikes.

Respondents from Thailand also consider their cybersecurity infrastructure unreliable (43% of responses) and too complex (28%), highlighting this shortcoming in the survey.

The good news, though, is that companies in Thailand are addressing this by investing in modern cybersecurity technologies and approaches to address this and improve their security posture. More than 9 in 10 (93%) respondents in Thailand said their company is investing in a “Zero Trust” strategy, with 57% saying their organisation is making steady progress with adopting it, and 36% saying they are at a mature state of implementing it.

In addition, 93% of respondents said their company is investing in Secure Access Service Edge (SASE) architecture, with 55% saying they are making good progress with adoption, while 38% say implementation is at mature levels.

These two approaches are key to building a strong security posture for companies in the modern cloud-first and application-centric world, according to Cisco.

Organisations are facing multiple challenges while operating in this environment, including complexity in connecting users to applications and data across multiple cloud platforms, inconsistent security policies across disparate locations and networks, difficulty in verifying the identity of users and devices, and lack of end-to-end visibility of their security infrastructure.

SASE architecture is widely seen as an effective way to address these challenges. It combines networking and security functions in the cloud to deliver secure access to applications anywhere users are working.

Zero Trust, meanwhile, is a simple but effective concept that involves verifying the identity of each user and device every time they access an organisation’s network to reduce the security risk.

The value of cloud-based security architectures cannot be overstated. According to the study, organisations that have mature implementations of Zero Trust or SASE architectures are 35% more likely to report strong security operations than those with nascent implementations.

“Businesses across the globe, including here in Thailand, have seen a huge change in their operating models, driven in large part by the pandemic,” said Kerry Singleton, managing director for cybersecurity in Asia-Pacific, Japan and Greater China at Cisco.

“As they grapple with changes like a distributed workforce and digital-first interactions, it is imperative for them to be able to connect users seamlessly to the applications and data they need to access, in any environment and from any location. They need to achieve this while being able to control access and enforce the right security protection across networks, devices and locations.”

Companies need to ensure they stay ahead of the curve when it comes to cybersecurity, said Juan Huat Koo, director of cybersecurity for Asean at Cisco. “In today’s digital-led business environment, security practitioners need to know what really works when it comes to building a strong security posture, while maintaining seamless user experience, thereby taking the guesswork out of what they should focus on and prioritise to keep the business and users safe,” he added.

Other key global findings from the study include:

Organisations that use threat intelligence achieve faster mean time to repair, with rates 50% lower than those of non-intel users.

Organisations with integrated technologies are seven times more likely to achieve high levels of process automation. Additionally, these organisations boast more than 40% stronger threat detection capabilities.

Automation more than doubles the performance of less experienced staff, supporting organisations through skills and labour shortages.

As the threat landscape continues to evolve, testing business continuity and disaster recovery capabilities regularly and in multiple ways is more critical than ever, with proactive organisations 2.5 times more likely to maintain business resiliency.