Security Market Segment LS
Monday, 23 May 2016 16:26

Managing cyber risk is a top priority – pity so few do


A new study titled "Vulnerability Management Trends in Asia Pacific" conducted by Forrester Consulting shows Australia’s information security practitioners cite managing risk as a top priority for their companies, yet demonstrate that their vulnerability management is inadequate.

Tenable Network Security, a global leader transforming security technology, has findings from the Technology Adoption Profile (TAP) study titled Vulnerability Management Trends in Asia Pacific in which the region’s information security practitioners cited managing risk as a top priority for their companies, yet demonstrated that their use of vulnerability management is inadequate and that attacks are reaching most organisations.

The TAP survey, commissioned in April 2016 and conducted by Forrester Consulting, evaluated perceived challenges, drivers, and benefits of various vulnerability management strategies and investments based on responses from information security professionals in Australia, China, Japan, New Zealand and Singapore.

Ron Gula, chief executive, Tenable Network Security, said: “Some of the pain points identified by the respondents, such as difficulties with remediating breaches across security and operations, prioritising vulnerabilities and mobile and cloud threat monitoring, are a natural consequence of the evolving threat environment. To overcome these challenges and deliver a comprehensive security solution that adequately assesses and mitigates cyber risk, security decision makers need to re-evaluate their processes and technologies against industry best practices.”

According to survey results, one of the top security priorities of companies is protecting customer data, with a focus on application security, data security and protection of customers’ personal information.       

Despite their customer focus, only 22% of security decision-makers performed continuous vulnerability assessments to monitor their environments for new threats. The majority of respondents (44%) conducted scans periodically while 28% performed scans monthly.

Managing risk a top priority

A total of 46% cited reducing risk and improving security posture as the highest ranking security priority of all strategic IT objectives for companies in the Asia-Pacific region. The survey elaborated that vulnerability management solutions are currently shifting to a risk focus, deviating from a traditional focus on compliance.

Security decision makers strive to help their companies understand risks to assets in their IT environments, as 40% of the respondents said their vulnerability management programs are mainly strategic. A total of 37% of the respondents also said that their vulnerability management programs focus on a combination of compliance and risk management.

Cyber security is a pressing issue, as the study discovered that 80% of companies have been attacked at least once in the past 12 months, with phishing and DNS-based attacks being the most common. The potential vulnerabilities of companies are compounded as new technologies and devices are introduced by employees, customers, and partners. Such attacks significantly affect the business, ranging from internal consequences such as decreased productivity (53% of respondents said the impact of this was ‘severe’ or ‘very severe’) and increased operational expenses (60%) to detriments such as brand damage (51%), resulting in lost customer trust (57%) and lost revenue (51%).

“The size and complexity of Asia Pacific combined with the unique political, socioeconomic and cultural distinctions, make cybersecurity a major challenge for this region,” said Gula. “The security industry needs to help organisations in the region safeguard critical corporate assets, conform to the product and service standards their customers demand, and to help protect them from detrimental effects of cyber attacks to reputation and business continuity.”

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Ray Shaw

joomla stats

Ray Shaw  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!



Recent Comments