Managing threats with cybersecurity-as-a-service | The Edge Markets
The growing threat of cyber attacks in Malaysia
Cyber attacks are increasing every year, revealing that Malaysian organisations are not equipped to fully mitigate and contain the numerous cyber threats targeting both industry and government. Despite the rise of cybercrimes across all sectors, organisations are slow to put a cybersecurity risk plan in place.
In the last year alone, Malaysia has suffered numerous cyber incidents. Recently, it was reported that a group of hackers, code-named grey hat, broke into a pay system and extracted nearly two million payslips and tax forms in PDF format, amounting to 188.75 gigabytes. In another breach, one of the biggest local payment gateway platforms for banks and merchants in the country admitted it was a victim of a cybersecurity incident that compromised the card data of users.
The industry skills shortage continues to pose a challenge
Cybersecurity skills shortages remain a challenge across Southeast Asia and Malaysia is no exception where there continues to be a gap in cyber talent and skills. Without a strong first line of defense with on-demand resources, organizations are leaving themselves open to increased risk and exposure to potential attacks.
Based on reports from Sophos, organizations cited that a lack of suitable staff and budget constraints continue to hinder organizations from obtaining the skills they require in house. Nearly 60% of Malaysian businesses say that their company’s lack of cybersecurity skills is challenging for their organization, with nearly 50% agreeing that their organization doesn’t have the team in place to properly detect, investigate and respond to security incidents. Furthermore, 68% of companies in Malaysia struggle to recruit candidates with the necessary skills.
The evolving threat landscape requires a proactive approach utilising adaptive and holistic cybersecurity strategies that relate to people, processes and technology. The complexity of modern operating environments and the velocity of cyberthreats make it increasingly difficult for most organisations to successfully manage detection and response on their own, the need for always-on security operations has become necessary.
Cybersecurity-as-a-service fills the security gap
To defend against emerging threats and address the skills gap, many organisations are adopting cybersecurity-as-a-service (CSaaS). CSaaS is a security model where organizations leverage outside specialists to fulfill critical cybersecurity needs—like round-the-clock threat monitoring. By leveraging outsourcing to include managed cybersecurity services, organizations can mitigate attacks before they occur and foster critical skills among new and existing employees.
Organizations can leverage CSaaS to implement proactive defenses and to reduce the need to increase headcount to manage cybersecurity. Managed Detection and Response (MDR) is an example of CSaaS that many organizations are turning to solve their cybersecurity gaps.
With CSaaS, organizations have access to highly skilled workers they might not otherwise be able to obtain, providing them with urgently needed defenses without having to build in-house security teams or add headcount to existing ones.
Sophos Managed Detection and Response (MDR) Service
Understanding that the security needs of organizations are always evolving, Sophos Managed Detection and Response (MDR) now offers third-party security technology compatibilities to better detect and remediate attacks with speed and precision across diverse customer and operating environments. The service is fully managed 24/7 by a team of experts working around the clock to tackle on-coming cyber threats before they turn into something more sinister like ransomware or a data breach.
This industry-first service with more than 12,000 customers now integrates telemetry from third-party endpoint, firewall, cloud, identity, email, and other security technologies as part of the Sophos Adaptive Cybersecurity Ecosystem.
This security telemetry from many other security vendors can be automatically consolidated, correlated, and prioritized with insights from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit.
With the ability to customize based on different service tiers and threat response options, IT teams can choose whether to have the Sophos MDR operations team execute full-scale incident response, provide collaborative assistance for confirmed threats, or deliver detailed alert notifications for in-house security operations teams to manage themselves. As such, organizations can keep the cybersecurity tools they already have in place and choose what level of support they require based on the outcomes they want to achieve.
The threat landscape is now too complex and changing too quickly for anything but an MDR service that has multi-vendor security capabilities to successfully defend against it. By removing the technological barriers that have historically limited how and what managed security services can handle, Sophos’ industry game changing MDR helps organizations protect their businesses so that they can continue to grow.
Gloss