Cost of cyber breach higher in Asia Pacific

The proportion of companies in Asia Pacific hit with a financial impact of more than US$5 million from a cyber breach is more double that of the global average, according to Cisco’s 2019 CISO Benchmark Study.

According to the annual study, 17 per cent of companies in Australia, China, India and Japan saw a financial impact of more than US$5 million from their most severe breach in the past year - that’s more than double the global average of eight per cent.

Across the Asia Pacific region as a whole, this figure is 16 per cent of companies, which is still measurably greater than the eight per cent global figure, the study says.

“Cyber security is a numbers game, one that is skewed in favor of malicious actors,” according to Cisco vice-president global security sales organisation, John Maynard.

“Businesses need to win all the time, while attackers need just one successful hit to make an impact. Every time the attackers succeed, there’s a financial impact on the company targeted. This includes out-of-pocket expenses, legal fees, reputational damage and loss of business.

The study reveals firms in Australia and Japan saw the highest increase year-on-year in this metric, with 47 per cent of respondents in Australia and 12 per cent in Japan reporting costs of greater than US$5 million, compared to 17 per cent and 3 per cent in 2018 respectively.

On a positive note, the study reveals 39 per cent of companies in Asia Pacific were able to contain the cost of a cyber breach to below US$500,000. This compares to 33 per cent in 2018, so a greater number of companies are experiencing breach costs in the lower categories, the study shows.

“The fact that an increasing number of companies are being able to contain this cost is a sign that businesses are starting to gain more control and balance their risks when hit by a breach. While this is a move in the right direction, a lot more needs to be done,” Maynard notes.

The study also reveals that security professionals are changing the way they measure their success based on security outcomes, with many respondents moving toward remediation as a key indicator of security effectiveness.

More security leaders are now focused on time to remediate than time to detect, and the metric has risen in popularity as a success metric globally - 48 per cent of respondents in Asia Pacific cited this, compared to 36 per cent in 2018, which is in line with the worldwide results, the study shows.

The study also notes how companies are starting to recover quickly from a breach. It highlighted that only 4 per cent of companies saw an outage that lasted more than 24 hours.

Meanwhile, one of the big challenges that companies have faced has been around the difficulty in orchestrating alerts across multiple vendors and solutions in their security environment.

The study reveals this is an acute problem in Asia Pacific with 17 per cent of respondents saying they have more than 20 vendors in their environment, higher than the global average of 14 per cent.

Meanwhile, fifty-four percent of respondents in Asia Pacific cited having fewer than 10 vendors, lower than the global average of 63 percent. 

Additionally, 93 per cent of respondents in Asia Pacific said it was somewhat or very challenging to orchestrate cyber security alerts from multiple vendor products. The results are higher than the global average of 79 per cent.

“Companies have traditionally approached building their security capabilities in a piecemeal manner by adopting solutions to address specific challenges at the time. While this may help patch individual vulnerabilities, it creates a bigger issue as having more point solutions that don’t work together increases their security effectiveness gap,” said Cisco managing director, global security sales organisation, APJC, Stephen Dane.

“We need to remember that cyber criminals are constantly working together and are relentless in their pursuits of hacking networks and inflicting damage on their targets. Defenders need to take a similar approach by collaborating more, sharing intelligence and ensuring they stay a step ahead of the attackers. 

"The first step in that direction is to have strategic approach to building a comprehensive security environment and ensuring that the solutions are integrated and can work together to defend against potential attacks,” Dane added.