Cybersecurity's Role in World’s Fastest Growing Region: B2B Marketing in APAC

In contemporary cybersecurity, organizations face multifaceted challenges stemming from external as well as internal forces. The evolving attack techniques, driven by relentless innovation, demand heightened vigilance to protect against data breaches and system vulnerabilities. Concurrently, market dynamics and the widespread adoption of 5G technology have ushered in new opportunities and risks that must be addressed meticulously. The shift towards remote working, an internal force, further accentuates the necessity for comprehensive security measures as it enlarges the attack surface.

The APAC cybersecurity market size is projected to reach USD 35.23 billion in 2023 and grow at a CAGR of 19.14% to reach USD 84.57 billion by 2028.

The Asia-Pacific cybersecurity industry is anticipated to grow even further as a result of the increasing severity of cyberattacks and stringent government regulations.

While malware and malicious software persist as formidable adversaries, the most profound threats materialize in phishing emails, malicious links, compromised websites, and denial of service attacks. Regions like Singapore and Australia, where the prevalence of cyberattacks poses a significant challenge to organizations, are particularly acutely aware of the complexity these threats introduce.

In an interview with Machintel, Trishneet Arora, Founder & CEO at TAC Security, shared his views and stated that they are proud to be the first company enabling organizations to manage their entire cybersecurity risk portfolio on a single platform and make informed decisions by understanding quantifiable risks on a scale from zero to ten.

Scope of Cybersecurity Areas

Classification by Solution Type

• Identity and Access Management
• Threat Detection and Prevention
• Security and Vulnerability Management
• DDoS Mitigation
• Next-Generation Firewall
• IDS/IPS
• Services

Classification by End-User Industry

• Aerospace, Defense, and Intelligence
• Banking, Financial Services, and Insurance
• Healthcare
• Manufacturing
• Retail
• Power and Utilities
• IT and Telecommunication

Classification by Region

• China
• Japan
• India
• South Korea
• Vietnam
• Thailand
• Singapore
• Australia
• Rest of Asia-Pacific

The imperative to develop end-to-end security solutions has never been more urgent. This entails fortifying infrastructure against external threats while enhancing internal security measures to ensure the integrity and confidentiality of data. Effectively addressing these external and internal forces and embracing comprehensive security strategies enables organizations to navigate the intricate cybersecurity scenario, and enabling B2B marketing safety of critical assets in Asia Pacific and maintaining business continuity.

According to the OTA report, over 90 percent of the breaches they studied could have been prevented, and that 29 percent of those were actually caused by employees, accidentally or maliciously, due to a lack of internal control.
Humans are the weak links in most of the cybersecurity issues in B2B marketing. Human beings tend to click on phishing links or fail to secure their data through MFA. This calls for ‘strong human firewalls.’

Collaborative Approaches in APAC

According to Cloudflare, China accounted for 45% of the world’s cyberattack incidents in March 2022

Public and Private Sector Collaboration

The public and private sectors should collaborate and synchronize their cyber defense strategies to achieve a secure digital environment. Governments and global standards organizations should consider introducing a standardized cybersecurity framework for B2B marketers in the private sector. Stakeholders of security functions can also provide critical insights, identify national cybersecurity risks, and work with governmental agencies to encourage the private sector to increase investment in digital infrastructure.

Threat Intelligence to Automate Organizational Response

Automation is the key path to getting ahead of emerging threats. Automating enables the identification of various threats, enabling adaptive response protocols. This helps organizations streamline their risk assessment processes and provide realistic benchmarks for testing and evaluation. AI-driven adaptive protection automatically switches to the aggressive mode, blocking ransomware payloads and preventing cyber criminals from successfully executing the attack.

Zero Trust Approach

As the number of peripheral terminals and remotely connected devices increases, so does the attack surface that cybercriminals can exploit. Therefore, the Zero Trust paradigm of ‘assume breach’ must be a business imperative. Government agencies across APAC are geared to address security at every level. Businesses of all sizes can get started on the Zero Trust journey by taking steps to secure identities. As per the recent Cyber Signals report by Microsoft, identities are a vital security battleground, and compromised credentials can be avoided by activating multifactor authentication (MFA) and passwordless authentication.

In an interview with Machintel, Chris Fisher emphasized that the key point for a security organization responsible for safeguarding their company's assets is that they must maintain a high level of vigilance each day in all aspects. In contrast, a hacker only needs to be successful once to potentially inflict significant harm on an organization. 

• The ICT ministry of South Korea announced plans to invest 670 billion won (USD 607 million) by 2023 to bolster the nation's cybersecurity capabilities in response to the rise of new digital threats. The nation intends to develop infrastructure to rapidly respond to cybersecurity threats by collaborating with major cloud and data center companies to collect threat information in real-time, as opposed to the current system that relies on individual reports.
• In January 2022, the Cyberspace Administration of China issued new cybersecurity review guidelines for critical information infrastructure operators (CIIO) who purchase network products and services that may impact national security. Important communications products, high-performance computers or servers, mass storage equipment, large databases or applications, cloud computing services, and any other network product or service that has a significant impact on the security of any critical information infrastructure are subject to this measure.
• The IBM Security Command Center in India, for which investments were made on the aforementioned date in February 2022, represents a substantial investment in security incident response and training for Asia-Pacific organizations. It is designed to prepare everyone from the C-suite to the technical staff by providing cybersecurity training for B2B marketers in APAC on response techniques to cyberattacks through simulations of highly realistic cyberattacks. The investment also includes a brand-new Security Operation Center (SOC), which would be added to IBM's extensive global network of SOCs and would offer clients around the globe 24-hour security response services.

“Our lives are intertwined with technology, creating great potential but also risk. The whole nation needs to work together to stamp out cybercrime with capacity building, by improving awareness and sharing knowledge to help protect everyone.”

- Mary Rose E. Magsaysay, Director of Cybercrime Investigation and Coordination, Philippines

To address the gap in enhancing interoperability between B2B marketing and data protection regimes, strengthening countries with no data protection legislation, legislation containing broad gaps and exemptions, and where businesses are allowed to exclude certain services or practices from coverage is required.

Since the Snowden revelations in 2013 regarding national security surveillance, there has been a scramble for enhanced encryption services to protect consumers from surveillance and to regain consumer trust in ICT services. Encryption is not an absolute form of security; there is an ongoing debate over the extent to which the private sector should assist law enforcement agencies in gaining access to encrypted material.

The regional initiatives have been the key driver for data protection regulation. Some potential exists for fragmentation and divergence with the large number of competing initiatives and their need for comprehensive coverage. Some interesting crossovers are developing.

Cyberattacks are not only targeting businesses and governments but also the security industry itself. Some organizations are adopting a more proactive and aggressive approach to cybersecurity in APAC by launching counterattacks or hack-backs against their adversaries. Such retaliatory actions can backfire, exposing them to heightened APAC’s digital marketing cyber risks and potential retaliation.

Small to mid-sized businesses are often overlooked or underprepared when it comes to cybersecurity. However, they are also attractive targets for cybercriminals, who can exploit their weak defenses or use them as stepping stones to larger organizations.  Zero-day attacks are those that exploit unknown or unpatched vulnerabilities in software or hardware. Sophisticated and well-resourced attackers, such as nation-states or cyberespionage groups, often use them.

Organizations handling private data need to be clarified for their accountability and have full transparency on the way data is handled. If there’s a breach, the weight should be on the shoulders of those handling the data and not the security personnel. The internet is a highly interdependent system, and no single actor can adopt a fix-all solution. It requires collaboration among vendors and manufacturers to ensure that devices are secured by design and that the users can interact with the devices to confirm or perform updates, make configuration changes, and so on.

Constance Bommelaer de Leusse, Senior Director of Global Internet Policy at ISOC, said, “Neither government nor the private sector can deal with the scope and scale of cyber threats alone. It will require collaboration.” He remarked that society is becoming increasingly dependent on the Internet in everything from political processes to economies, and this makes cyber-attacks an attractive means for malicious actors, including state-sponsored attacks.

Surrounding security and encryption are trending, but users are not willing to use anything that’s even slightly inconvenient. In coming years, there’ll be still talks on how important security is, and things may be even more insecure if not taken proper measures.

These all call for employing a ‘Zero Trust Architecture’ to secure remote and cloud-based operations, investing in quantum-resistant cryptography to safeguard against emerging threats from quantum computing, and fortifying the security of IoT devices. Biometric authentication, implementing blockchain technology to ensure data integrity, and fostering global collaboration in sharing threat intelligence should unquestionably be regarded as top-priority initiatives in cybersecurity preparedness.

Collaboration of all the actors within an ecosystem is required for security promotion!