Cloud infrastructure that include public, private, and hybrid models, are seen as the greatest source of cybersecurity risk for 70 per cent of Asia-Pacific companies surveyed by Forrester on behalf of cybersecurity firm Tenable.
This figure is the highest in the world, exceeding other regions like Latin America (66 per cent), Europe, Middle East and Africa (64 per cent), and the United States (62 per cent). The survey, released last week, involved 825 global cybersecurity and IT leaders, including 219 from the Asia-Pacific.
In particular, 46 per cent of the Asia-Pacific respondents reported that they lacked sufficient visibility into possible misconfigurations within their cloud infrastructure.
An additional discovery revealed that 57 per cent of respondents from Asia-Pacific stated that staff are unable to make prioritisation decisions due to a lack of data hygiene in user data and vulnerability management systems.
According to Tenable, the complexity of modern IT infrastructure means that organisations could have multiple cloud systems, identity and privilege management tools and Web-facing assets, that spell numerous opportunities for misconfigurations and overlooked assets.
The report reveals a significant organisational gap: Only 31 per cent of Asia-Pacific teams are consulted sufficiently early in the cloud service selection and deployment procedures.
The need for earlier and more integrated cybersecurity engagement in organisational decision-making is highlighted by the fact that nearly four out of 10 (37 per cent) respondents said that business and engineering teams purchase and deploy cloud services without the knowledge of cybersecurity teams.
Instead of the traditional, reactive security approaches to cybersecurity, the findings suggest a pressing need to shift towards a more proactive, integrated strategy. This involves anticipating and addressing vulnerabilities before they can be exploited, especially for cloud environments.
“The evolving complexity of cloud infrastructures demands a proactive security posture,” said Nigel Ng, vice president for Tenable for the region.
“This shift is not just about technology; it’s about transforming the way we think about and manage cloud security,” he added. “This proactive approach is vital for organisations to stay ahead of the rapidly changing cyber threat landscape and secure their cloud infrastructures effectively.”
A look ahead to 2024
The reality is that a proactive approach is required as the cybersecurity landscape is constantly evolving, according to the Google Cloud Cybersecurity Forecast 2024.
This report expects that in 2024, AI and the cloud will increasingly be used to scale operations for both attackers and defenders.
This, say experts, emphasises how important it is to have strong cloud security procedures in place to stop hackers from moving laterally between cloud environments by taking advantage of identification flaws and misconfigurations.