In a recently published report, Palo Alto Networks has shed light on the concerns surrounding cybersecurity in the small and medium enterprise (SME) sector in the Philippines and Southeast Asia. The report, titled the “2023 State of Cybersecurity in ASEAN Report,” revealed that a significant number of SMEs are lacking confidence in their ability to secure their digital infrastructure within a hybrid work environment.
With the prevalence of remote and hybrid work setups, the study found that approximately one out of three SMEs in the region is not confident in their capability to track and defend against cybersecurity breaches effectively. This lack of confidence comes as SMEs increasingly rely on cloud-based infrastructure and remote work solutions, with 41% of their operations running in the cloud, both for on-site and work-from-home settings.
“In observance of Cybersecurity Awareness Month this October, we are reinforcing our mission of empowering SMEs with a stronger cybersecurity posture, recognizing their pivotal role as the backbone of our economy. It’s crucial to remember that SMEs, just like larger organizations, hold valuable data sought after by cyber attackers for financial gain,” according to Steven Scheurmann, Vice President for ASEAN at Palo Alto Networks.
The primary cybersecurity concerns for these businesses include password attacks, with 63% expressing anxiety about such incidents. Malware attacks and account takeovers also rank high on their list of worries, with 56% and 53% of SMEs, respectively, citing these as significant threats.
The report indicates that for two consecutive years, the adoption of cloud security has been a top cybersecurity strategy for SMEs in the region. However, despite their efforts to bolster cloud security, SMEs continue to grapple with the challenges posed by hybrid work arrangements. These difficulties stem from the risks associated with unsecured home networks and personal devices used for work, including laptops and smartphones.
The vulnerabilities created by these risks can result in data breaches, which not only jeopardize SME employees but also pose a threat to customer data. Such breaches could lead to identity theft and unauthorized financial transactions. The cumulative impact of these risks makes it challenging for nearly one-third of SMEs to acquire a broader range of cybersecurity solutions that are critical for hybrid work environments.
To address these concerns and stay ahead of evolving threats, experts at Palo Alto Networks have emphasized several non-negotiables that SMEs should prioritize when securing their cloud infrastructure in hybrid environments:
1. Holistic Visibility of Network Traffic:
This concept likens a company’s network to a bustling airport, with employees working from various “terminals” or physical locations. Just as airport security needs to verify every passenger’s identity and access permissions, SMEs should strive for holistic visibility to ensure that only authorized users and devices can access their data and applications.
2. Zero Trust Network Access (ZTNA):
ZTNA operates on the principle of “never trust, always verify.” It acts as a vigilant security manager, ensuring that every “tenant” (employee) must provide proper identification and state their purpose before gaining access to areas reserved for authorized personnel only, much like access control in a mall establishment.
3. AI and Machine Learning:
Artificial intelligence (AI)-backed machine learning plays a crucial role in network security by analyzing network traffic, predicting, and preventing cyber threats. This approach is similar to personalized content recommendations on social media platforms, as it continually adapts to protect SMEs from emerging threats, which are becoming increasingly sophisticated due to AI.
“Even small-sized and resource-constrained businesses can establish a formidable security posture, rendering it challenging for attackers to breach, provided a strong cybersecurity hygiene culture prevails within the company. Holistic visibility, a zero-trust approach, and AI integration will help ensure that SMEs can scale up their cloud security to protect against both current and future threats, no matter where they choose to work,” Scheurmann added.
As SMEs in the Philippines and Southeast Asia continue to adapt to hybrid work arrangements, the implementation of these strategies and a heightened focus on cybersecurity will be vital in maintaining the integrity of their digital infrastructure and safeguarding sensitive data. The Palo Alto Networks report underscores the importance of these measures in addressing the evolving landscape of cyber threats and ensuring the confidence and security of SMEs in the ASEAN region.