Akamai research reveals that while APJ organisations are ahead in segmenting multiple assets, 43 percent of them cite lack of expertise as implementation obstacles
Akamai Technologies released new report, “The State of Segmentation 2023 report” found that organisations surveyed globally experienced an average of 86 ransomware attacks in the past 12 months, up from an average of 43 annual attacks two years ago. Security organisations have responded to the recent rise in attacks by implementing Zero Trust and microsegmentation strategies. In APJ, nearly all (99 percent) of respondents who reported that they have deployed some form of segmentation have also deployed a Zero Trust security framework.
The report is based on input from 1,200 IT and security decision-makers from around the world. Respondents overwhelmingly agreed that microsegmentation is an effective tool to keep assets protected, but deployment was lower than expected, with only 36 percent of APJ organizations segmenting across more than two business critical areas. In APJ, the top obstacle to deploying microsegmentation was a lack of skills/expertise at 43 percent – the highest among all regions surveyed. This was followed by compliance requirements (42 percent) and increased performance bottlenecks (40 percent). Almost all of those surveyed, no matter the sector, industry, or country, reported the same obstacles to slightly different extents.
While many APJ organisations are ahead in implementing such architectures, they must also ensure that staff and partners are equipped with the necessary skills to reap the full benefits of this approach.”
Dean Houari, Director, Security Technology and Strategy, APJ, Akamai
Despite slow deployments globally, organisations that have persevered and implemented a microsegmentation strategy across six mission-critical areas reported recovering from an attack in an average of only four hours. That’s 11 hours faster than organisations that have only segmented across one critical area, underscoring the effectiveness of a Zero Trust strategy that utilises microsegmentation.
“Cybercriminals in APJ are always shifting tactics and improving their tools to breach organisations. Whether it’s defending against ransomware, new zero-days, or sophisticated phishing attacks, it’s vital that organisations here reevaluate their risks to protect their critical assets. Adopting a Zero Trust architecture with the combination of Zero Trust Network Access and microsegmentation is the only effective strategy to mitigate ransomware threats. While many APJ organisations are ahead in implementing such architectures, they must also ensure that staff and partners are equipped with the necessary skills to reap the full benefits of this approach.” said Dean Houari, Director, Security Technology and Strategy, APJ, Akamai.
Other findings from the report include:
- IT security teams and decision-makers in APJ (62 percent) and the Americas (60 percent) are more likely to say network segmentation is extremely important to ensuring their organisation is secure than those in EMEA (53 percent).
- Organisations in APJ are more likely to have segmented more than two business-critical assets (36 percent) than those in EMEA (29 percent) and Americas (26 percent).
- APJ and EMEA both cite lack of skills/expertise (43 percent and 38 percent) as their greatest segmentation obstacle. For those in the Americas, the greatest obstacle is increased performance bottlenecks (41 percent).
- Those in the Americas are more likely to say their Zero Trust deployment is fully complete and defined (49 percent) than APJ (35 percent) and EMEA (33 percent).
- Of all respondents, 93 percent claimed that microsegmentation is critical to help thwart ransomware attacks.
- Network downtime (52 percent), data loss (46 percent), and brand/reputation damage (45 percent) were the most common issues impacting organisations after a ransomware attack.
- In APJ, China and Japan reported the most ransomware attacks over the past year, with China at 83 and Japan at 81.
- India leads the way in segmentation, with 58 percent of organisations reporting more than two assets/areas being segmented, followed by Mexico with 48 percent and Japan with 32 percent.
Methodology
Akamai partnered with Vanson Bourne to interview 1,200 IT and security decision-makers in 10 countries to measure the progress organisations have made in securing their environments, focusing on the role of segmentation.
They were asked questions related to their IT security approaches and segmentation strategies, as well as about the threats their organisation faced during 2023. These findings give us insight into how security strategies have changed since 2021, and where progress still needs to be made.
Security personnel and decision-makers from the U.S, Mexico, Brazil, U.K., France, Germany, China, India, Japan, and Australia were interviewed. All worked for organisations with more than 1,000 employees, and they represented a balanced range of industries and sectors.