The strongest reported maturity levels were in the area of Protection. However, perimeter-based defense solutions are proving to be increasingly ineffective over time as cyber threats become more advanced. The categories of Response and Detection were ranked least mature in the region. Organizations must focus on executing preventative strategies and improving capabilities that offer complete visibility to detect and respond to advanced threats before they can impact the business.
The results of the RSA Cybersecurity Poverty Index also revealed the urgency for smaller organizations in the APJ region to improve their cybersecurity strategies to better defend themselves against today's advanced threats. 85% of organizations surveyed with less than 1,000 employees reported to be not well prepared for today's threats versus 61% of mid-sized organization (between 1,000-10,000 employees) and 65% of large organizations (10,000+ employees) reported not being as well prepared. This wide gap in defense capabilities between large and small organizations point to a potential risk of smaller organizations becoming prime targets for threats in today's digital landscape.
To assess cybersecurity maturity, respondents self-assessed their capabilities against the CSF, which designed to provide guidance based on existing standards, guidelines and practices for reducing cyber risks, and was created through collaboration between industry and government. While the CSF was initially developed in the United States with the aim of helping to reduce cyber risks to critical infrastructure, organizations worldwide have found it to be a prioritized, flexible, repeatable and cost-effective approach for managing cyber risk. Thus, it serves as an excellent baseline to assess any organization's core cybersecurity and cyber risk management capabilities.
Organizations rated their own capabilities in the five key functions outlined by the CSF: Identify, Protect, Detect, Respond, and Recover. Ratings used a 5-point scale, with 1 signifying that the organization had no capability in a given area, and 5 indicating that it had highly mature practices in the area.
Nigel Ng, Vice President, APJ, RSA, The Security Division of EMC
"The results of this research provide insight into how the APJ region can improve its overall cybersecurity maturity. Over the next few years, we are bound to face more vulnerabilities as technology and internet penetration in the region is set to grow in parallel alongside sophisticated cyber threats. Especially so in Southeast Asia, which is now the world's fastest-growing Internet region globally, where the internet user base is expected to double to 480 million by 2020. So it is more important than ever for organizations of all sizes to acknowledge weaknesses, review their cybersecurity strategies and move beyond conventional approaches – like perimeter-based protection -- when thinking about security."
RSA provides more than 30,000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats. With RSA's award-winning products, organizations effectively detect, investigate, and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud, and cybercrime. For more information, go to www.rsa.com.
This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) risks associated with the proposed acquisition of EMC by Denali Holdings, Inc., the parent company of Dell, Inc., including, among others, assumptions related to the ability to close the acquisition, the expected closing date and its anticipated costs and benefits; (ii) adverse changes in general economic or market conditions; (iii) delays or reductions in information technology spending; (iv) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (v) competitive factors, including but not limited to pricing pressures and new product introductions; (vi) component and product quality and availability; (vii) fluctuations in VMware, Inc.'s operating results and risks associated with trading of VMware stock; (viii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (ix) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (x) the ability to attract and retain highly qualified employees; (xi) insufficient, excess or obsolete inventory; (xii) fluctuating currency exchange rates; (xiii) threats and other disruptions to our secure data centers or networks; (xiv) our ability to protect our proprietary technology; (xv) war or acts of terrorism; and (xvi) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/rsa-research-shows-74-of-apj-organizations-face-significant-risk-of-cyber-incidents-300301119.html