Vulnerability Management Trends In APAC

Similar documents
Mastering The Endpoint

Evolve Your Security Operations Strategy To Account For Cloud

Operationalize Security To Secure Your Data Perimeter

Modern Database Architectures Demand Modern Data Security Measures

Build Your Zero Trust Security Strategy With Microsegmentation

Supporting The Zero Trust Model Of Information Security: The Important Role Of Today s Intrusion Prevention Systems

Business Success Through Embedded Communication Technology

Evolving Threats Call For Integrated Endpoint Security Solutions With Holistic Visibility

Digital Transformation Drives Distributed Store Networks To The Breaking Point

Converged Infrastructure Matures And Proves Its Value

Rethink Enterprise Endpoint Security In The Cloud Computing Era

Modern Compute Is The Foundation For Your IT Transformation

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

Unlock The Value Of Cloud: A Spotlight On IT Executives

Unlock The Value Of Cloud

Red Hat Virtualization Increases Efficiency And Cost Effectiveness Of Virtualization

Converged Security - Protect your Digital Enterprise May 24, Copyright 2016 Vivit Worldwide

A Forrester Total Economic Impact Study Commissioned by ServiceNow January 2018

Fact Or Fiction: The State Of GDPR Compliance

Securing The Enterprise With Machine Identity Protection

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Enabling Zero Trust Security Through Network Virtualization And Micro- Segmentation

TechValidate Survey Report: SaaS Application Trends and Challenges

Best Practices in Securing a Multicloud World

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

HOSTED SECURITY SERVICES

Mobile Security: Move Beyond The Basics And Overcome Mobile Paralysis

DIGITAL TRANSFORMATION IN FINANCIAL SERVICES

Continuous protection to reduce risk and maintain production availability

Building a Resilient Security Posture for Effective Breach Prevention

Center Security On Advanced Technology

Innovation Leaders Need IT Services To Drive Transformative Outcomes

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

2015 VORMETRIC INSIDER THREAT REPORT

The State of Cloud Monitoring

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Closing the Hybrid Cloud Security Gap with Cavirin

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

Toward an Automated Future

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

with Advanced Protection

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface

The Total Economic Impact Of Microsoft Office 365 Threat Intelligence

ForeScout Extended Module for Splunk

Department of Management Services REQUEST FOR INFORMATION

align security instill confidence

Mid-Market Data Center Purchasing Drivers, Priorities and Barriers

THE STATE OF IT TRANSFORMATION FOR RETAIL

Gaps in Resources, Risk and Visibility Weaken Cybersecurity Posture

Oracle bakes security into its DNA

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

KEY FINDINGS INTERACTIVE GUIDE. Uncovering Hidden Threats within Encrypted Traffic

Cybersecurity in the Age of Government Regulation

Whitepaper. Advanced Threat Hunting with Carbon Black Enterprise Response

CYBER SECURITY TAILORED FOR BUSINESS SUCCESS

RSA INCIDENT RESPONSE SERVICES

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain

Workday s Robust Privacy Program

RSA INCIDENT RESPONSE SERVICES

MATURE YOUR CYBER DEFENSE OPERATIONS with Accenture s SIEM Transformation Services

Evolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha

Cyber Threat Landscape April 2013

Optimisation drives digital transformation

Jeff Wilbur VP Marketing Iconix

The Total Economic Impact Of Salesforce Studio

THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

CYBER RESILIENCE & INCIDENT RESPONSE

Cognizant Cloud Security Solution

THE CYBERSECURITY LITERACY CONFIDENCE GAP

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Survey: Global Efficiency Held Back by Infrastructure Spend in Pharmaceutical Industry

Technical Review Managing Risk, Complexity, and Cost with SanerNow Endpoint Security and Management Platform

SD-WAN Networks Enable Modern Digital Business Ecosystems

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Security in India: Enabling a New Connected Era

COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

SIEMLESS THREAT DETECTION FOR AWS

Building a Threat Intelligence Program

How to Underpin Security Transformation With Complete Visibility of Your Attack Surface

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Cyber Resiliency: A Recipe for Digital Trust?

THE IMPACT OF SECURITY ON APPLICATION DEVELOPMENT. August prevoty.com. August 2015

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

Gujarat Forensic Sciences University

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Tripwire State of Cyber Hygiene Report

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Transcription:

GET STARTED

Introduction In the age of the customer, the threat landscape is constantly evolving. Attackers are out to steal your company s data, and the ever-expanding number of devices and technologies being introduced into your environment makes the task of protecting your network and applications more difficult than ever. 1 In APAC, due to its sheer size and complexity, this challenge is particularly daunting. There are special economic and political considerations, and most countries China in particular are rife with cyberattacks. Companies operating in this region strive to strike a balance between protecting their organizations and conforming to the product and service standards that consumers demand. In March 2016, Tenable commissioned Forrester Consulting to conduct a survey evaluating vulnerability management adoption trends in Asia Pacific, including the perceived challenges, drivers, and benefits of various vulnerability management strategies and investments. 5% 9% 33% 53% Where do you work? China: 25% Singapore: 25% Japan: 25% ANZ: 25% How large is your company? Number of employees: 500 to 999: 33% 1,000 to 4,999: 53% 5000 to 19,999: 9% 20,000 or more: 5% What is your title? All respondents are at the manager level or above and working in IT, with responsibility for vulnerability management.

1 2 Managing Risk Is A Top Priority For APAC Security Decision-Makers Reducing risk is a top driver of strategic IT objectives for APAC firms. Our survey found that reducing risk and increasing security posture is the No. 2 overall IT priority behind improving IT service delivery for the business. Our survey also found that: Top security initiatives focus on protecting customer data. A number of different security initiatives are considered to be a high or critical priority. Among the top initiatives are application security (89%), data security (88%), and protecting customers personal information (87%). Vulnerability management solutions, historically focused on compliance, are shifting to a risk focus. Our survey found that: Forty percent of APAC security decision-makers said that their vulnerability management programs are primarily strategic, in order to help the organization understand the risks to assets. Another 37% said that their vulnerability management program combines a compliance and risk focus. Only 23% still prioritize compliance above understanding their risk posture.

1 2 Eighty Percent Of Companies Were Attacked In The Past Year The focus on risk is not without merit. Our study found that 80% of companies have been attacked at least once in the past 12 months, with phishing and DNS-based attacks being the most common. As new technologies and devices are introduced by employees, customers, and partners, the potential for vulnerabilities increases. These attacks have a damaging impact the business, with consequences ranging from lost productivity, loss of business renewals, and loss of new customer wins to increased operational expenses, breaches of contract, and an increase in negative branding/perception.

Many Vulnerability Management Solutions Are Insufficient Despite security decision-makers assertion that risk management is their top vulnerability management priority, only 22% have ongoing scans that monitor their environments for new threats continuously. This may be due to insufficient strategies or vulnerability management platforms; our study found that respondents have a lot of vulnerability management challenges, including difficulties with remediating breaches across security and operations, prioritizing vulnerabilities, and monitoring mobile and cloud threats. Despite having a risk management focus, only 22% of respondents monitor their environments continuously.

Security Pros Seek To Invest In Better Solutions Security professionals in APAC are expanding their investments in an array of different network security and security operations technologies, including mobile security, network analysis and visibility, internet-of-things security, and wireless security, among many others. Our survey found that when considering investments in network vulnerability management or continuous monitoring solutions, respondents most highly value the ability to identify, scan, and protect devices; active scanning; malware analysis; benchmarks to compare current security controls; continuous scanning/listening capabilities; and coverage across cloud, virtualized, and mobile environments. Security teams have failed to make the investments necessary to instrument breach detection across the business. These investments include the people, process, and oversight required to make technology deployments. 2

Conclusion Companies are under a constant threat of cyberattacks and have declared risk management to be a major priority yet their current security approaches often fail to protect them adequately. Security decision-makers must re-evaluate their processes and technologies against industry best practices to ensure that they can mitigate evolving threats. METHODOLOGY This Technology Adoption Profile was commissioned by Tenable. To create this profile, Forrester conducted a custom survey of 120 enterprise IT decision-makers responsible for security and vulnerability management at companies in China, Singapore, Japan, Australia, and New Zealand. The custom survey was conducted in March 2016. ENDNOTES 1 Source: Defend Your Digital Business From Cyberattacks Using Forrester s Zero Trust Model, Forrester Research, Inc., September 23, 2015. 2 Source: Defend Your Digital Business From Cyberattacks Using Forrester s Zero Trust Model, Forrester Research, Inc., September 23, 2015. ABOUT FORRESTER CONSULTING Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in scope from a short strategy session to custom projects, Forrester s Consulting services connect you directly with research analysts who apply expert insight to your specific business challenges. For more information, visit forrester.com/consulting. 2016, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester, Technographics, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. For additional information, go to forrester.com. [1-ZIFT3K] Project Director: Mark Brozek Sr. Market Impact Consultant Contributing Research: Forrester Security and Risk team

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback