sb-au logo
Story image

Australia trailing behind APAC in cloud migration and security

03 Oct 2018

Despite many Asia Pacific countries being renowned for their forward-thinking operations in mature IT markets, they are still trailing behind in their ability to implement security management.

A new report from Ovum and Juniper Networks shows that organisations in Australia, Japan and Korea actually rank lower than countries in emerging IT markets when it comes to centralising security management and cloud adoption.

Complacency could be an underlying cause of the sluggishness – in Australia, IT managers report fewer security alerts than other Asia Pacific countries. 68% say they receive fewer than 50 threat alerts per day, while 43% of APAC respondents say they receive more than 50 per day.

Adding to the frustration is the fact that 78% of managers say less than 10% of alerts they receive are legitimate and require further action. 

“The findings of this report should come as a serious wake up call for Australian businesses that have become, or risk growing, complacent in their approach to security,” comments Juniper Networks senior systems engineering manager James Sillence. 

“Despite being viewed as one of the most technologically mature in APAC, the reality is that most Australian enterprises today are hamstrung by the same technologies that once helped advance the nation’s IT economy. For Australian businesses to maintain their leadership, complexity and silos must be brought out of the enterprise security equation, and be replaced with a ‘single pane of glass’ approach to data management.”

Despite security alerts a siloed approach to security still persists. The survey found that many organisations in Asia Pacific aren’t centralising security management – more than half of organisations with more than 1000 branches or more say they manage more than 100 tools. However, 83% of respondents use fewer than 50 tools.

The survey also hinted that Australia has been less enthusiastic about the transition to cloud that it would like to think. 

Juniper looked at how many Asia Pacific organisations have migrated to IaaS or PaaS platforms and found that larger companies are more likely to have migrated (74%), compared with smaller companies (between 11-50% of respondents).

In Australia, 64% of IT managers report low-to-no migration of workloads to the cloud. 34% say that between 10-50% of their workloads have been moved.

Juniper Networks says this trend is more representative of the entrenched legacy infrastructure prevalent among Australian enterprises than strict opposition by organisations to the cloud. 

As uptake of cloud-based services improves, security managers will need to extend security functions to the cloud – particularly as off-premise security policy management isn’t yet well established in Australia.

The report found that 48% of Australian IT managers use on-premise security, while 38% use security offered by IaaS and PaaS providers.

The report makes the following recommendations:

Enterprise decision-makers must take steps to consolidate visibility and control of their security infrastructure 

Security decision-makers across all verticals should invest in centralized management capabilities, enabling them to control the disparate security tools in their infrastructure and address the challenge of prioritizing the volumes of daily alerts they receive. 

Only by bringing together into a "single pane of glass" and correctly handling the data from their security silos will companies be able to gain an enterprise-wide view of threats and manage their cyber-risk appropriately. 

More companies should investigate a separate management layer for security 

Too many companies rely on separate dashboards for each of their security tools, and SIEM platforms only go part of the way in addressing the centralization requirement. Ovum believes that more companies across all verticals should investigate the deployment of a separate management layer, into which all tools should all be able to report, and from which adjustments to their security posture should be rolled out quickly across their infrastructure. 

Investment must be made now in security for IaaS and PaaS cloud environments 

Ovum also recommends that enterprise look to invest in capabilities and/or services that allow them to manage security for their operating systems, middleware, and runtime environment, the data and applications customers are using in IaaS environments, and the data and applications they run in PaaS services.  Importantly, enterprise security leaders must review their policies as they relate to their off-premises or virtualised IT resources. 

Simplify – and enforce consistency in – security management 

Complexity – in terms of both the number of products in use and the pressures to cloudify security resources – underpins many APAC enterprises' security environments. 

To mitigate the risks this creates for security management, platforms that streamline and automate operational environments and help contain the proliferation of disparate security tools are recommended.

The Too Much of a Good Thing? Enterprise Cybersecurity Adoption Trends across Asia-Pacific report polled 350 IT professionals in 11 countries.

Story image
Emotet malware is on a rampage after months of silence
CERT agencies around the world are reporting a surge in cyber attacks related to the Emotet malware, which is being distributed by email.More
Story image
Proofpoint and CyberArk extend partnership to further safeguard high-risk users
“Our CyberArk partnership extension provides security teams with increased detection and enhanced adaptive controls to help prevent today’s most severe threats."More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Link image
Why performance monitoring is essential to keep cloud costs down
Cloud comes with many different associated costs, which can sneak up on organisations and drive down efficiency. Here's how to reduce costs by up to 50%.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More