Share this article on:
Trellix has released a global Cyber Readiness Report gauging technology adoption and perceptions of government cyber security leadership related to cyber security standards and the cooperation between the public and private sectors.
The Trellix report shows 89 per cent of respondents from India, Australia and Japan believe formalised, government-led initiatives can play an important role in improving their nations’ protection against cyber threats.
Countries such as India, Australia and Japan are facing increasingly sophisticated attacks on government agencies and organisations providing critical infrastructure services:
The incidents, among many others, are reminders that government agencies and critical infrastructure enterprises must improve their cyber defenses through a combination of the implementation of advanced cyber security technologies, enhanced policies and practices, and strengthened partnerships with their governments.
Respondents from these countries see opportunities for improvement in their partnerships with government in areas such as cyber defence coordination, threat information sharing and software supply chain integrity.
The study, based on research conducted globally by Vanson Bourne, surveyed 900 cyber security professionals from organisations with 500 or more employees, including 200 respondents in India, Australia and Japan.
Cyber security technology adoption
Among Japanese respondents, 32 percent claim to have fully implemented endpoint detection and response and extended detection and response (EDR-XDR) and cloud cyber security modernisation. Zero trust and multi-factor authentication (MFA) appeared to be close behind with 31 per cent and 29 per cent, respectively. About 32 per cent of Indian respondents claim to have fully implemented cloud cyber security modernisation.
The cyber defence technologies lagging furthest behind within this group appear to be zero trust architectures and EDR-XDR with only 25 per cent and 22 per cent fully deployed, respectively.
Over 31 per cent of Australian respondents reported fully deploying EDR-XDR solutions. Technologies lagging further behind include cloud cyber security modernisation (24 per cent), MFA (24 per cent) and zero trust (16 per cent).
Software supply chain risk
The majority (82 per cent) of global respondents believe software supply chain risk management policies and processes are of either high or crucial importance to national security. About 74 per cent of Japanese respondents identified these policies and processes as extremely or highly difficult to implement, and only 26 per cent claim to have fully implemented such practices.
Over 65 per cent of Indian respondents and 63 per cent of Australian respondents identified these policies and processes as difficult to implement, with only 40 per cent of Australians and 35 per cent of Indians claiming full implementation.
About 64 per cent of Australians, 59 per cent of Indians and 52 per cent of Japanese surveyed support government mandates demanding cyber security standards for software. However, respondents from all three countries are concerned there could be drawbacks to such mandates.
Over 51 per cent of Indian respondents believe such mandates could result in government requirements that are too complex and ultimately too expensive to implement. Around half of Australian respondents believe government software security mandates will be too complex and expensive to implement and that government timelines will be difficult to meet. Roughly the same percentages of Japanese are also concerned about the costs and complexity of such mandates.
Cyber skills challenges
While survey respondents identified a variety of barriers to the implementation of advanced technologies, a cyber security talent shortage was revealed across the three countries.
Almost 60 per cent of Indian respondents and 45 per cent of Japanese respondents identified a lack of implementation expertise as one of the biggest barriers to implementation. In Australia, 49 per cent of respondents and 42 per cent of Japanese respondents identified a lack of in-house staff resources as one of their biggest barriers. These findings mirrored cyber security skills shortages in the US and Europe.
Public-private partnerships
About 93 per cent of Indians, 90 per cent of Australians and 85 per cent of Japanese surveyed believe there is room for improvement in the level of cyber security partnerships between their national governments and organisations.
About 59 per cent of Indians surveyed believe their government could provide more funding to organisations such as theirs to improve cyber security, and 53 percent favour tighter cooperation on the investigation of attacks following their discovery.
Half of Australian respondents supported a combination of incident notification and liability protection to facilitate sharing of attack data between impacted organisations, government partners and industry audiences. Half of Japanese respondents showed support for tighter cooperation on the investigation of attacks following their discovery.
In terms of the types of data government should share to help organisations better protect themselves, nearly two-thirds (64 per cent) of Indian respondents valued more data about common cyber security vulnerabilities. Almost 61 percent of Japanese and 56 per cent of Australians surveyed revealed they would like to receive more data on attack vectors used by adversaries. About 58 per cent of Japanese, 52 per cent of Indians and 44 per cent of Australians surveyed would like to receive more data on cyber attacks in progress.
[Related: Digital identity growth driving cyber security debt uptick]