Palo Alto Networks released its 2023 State of Cybersecurity in ASEAN Report, which reveals that one in three small and medium enterprises (SMEs) in the Philippines and Southeast Asia lacks confidence in detecting cybersecurity breaches in a hybrid work setting. The report also shows that SMEs are most worried about password attacks (63%), malware attacks (56%), and account takeovers (53%), as they run 41% of their infrastructure and processes in the cloud for both onsite and remote work.
“In observance of Cybersecurity Awareness Month this October, we are reinforcing our mission of empowering SMEs with a stronger cybersecurity posture, recognizing their pivotal role as the backbone of our economy. It’s crucial to remember that SMEs, just like larger organizations, hold valuable data sought after by cyber attackers for financial gain,” said Steven Scheurmann, Vice President for ASEAN at Palo Alto Networks.
According to the report, adopting cloud security has been a top cybersecurity strategy for SMEs for two consecutive years. However, hybrid work poses challenges for SMEs in securing their cloud applications and services due to risks associated with unsecured home networks and personal devices.
These risks include data breaches, which can endanger both SME employees and customers, potentially leading to identity theft and unauthorized financial transactions. These vulnerabilities make it difficult for nearly one-third of SMEs to acquire a wider range of cybersecurity solutions for hybrid work.
Scheurmann highlighted the essential factors that SMEs should consider when securing cloud infrastructure in hybrid environments.
Holistic visibility of network traffic. Imagine your company’s network as a busy airport, where employees work from different ‘terminals’ or physical locations, such as offices, homes, or remote sites. The challenge resembles airport security — knowing who’s allowed to board ‘network flights’ and who’s not. The airport needs to have visibility on every ‘passenger’ (devices and users) and verify their ‘boarding passes’ (access permissions). This holistic visibility ensures SMEs that only authorized users and devices get access to data and applications.
Zero Trust Network Access (ZTNA). ZTNA operates on the principle of ‘never trust, always verify.’ If an SME’s network is a mall establishment, not all of its tenants can freely move around the building. ZTNA acts as the diligent security manager, ensuring that each ‘tenant’ (employee) must show their identification and state their purpose before gaining access to areas reserved for authorized personnel only.
AI and machine learning. Artificial intelligence (AI)-backed machine learning in network security is like having personalized content recommendations on your social media. Just as algorithms analyze your preferences for tailored suggestions, AI-driven firewalls with machine learning analyze network traffic, predict, and prevent cyber threats that are also increasingly sophisticated due to AI. They continually adapt, ensuring SMEs are equipped to protect themselves from emerging threats.
“Even small-sized and resource-constrained businesses can establish a formidable security posture, rendering it challenging for attackers to breach, provided a strong cybersecurity hygiene culture prevails within the company. Holistic visibility, a zero-trust approach, and AI integration will help ensure that SMEs can scale up their cloud security to protect against both current and future threats, no matter where they choose to work,” Scheurmann concluded.