Akamai Technologies (NASDAQ: AKAM), the cloud company that powers and protects life online, today released a new report highlighting the increase in ransomware, the adoption of Zero Trust, and the benefits of micro-segmentation – an emerging security practice that breaks up networks into parts and implements granular security policies and controls for individual workloads, applications, and tasks.
The State of Segmentation 2023 report found that organizations surveyed globally experienced an average of 86 ransomware attacks in the past 12 months, up from an average of 43 annual attacks two years ago. Security organizations have responded to the recent rise in attacks by implementing Zero Trust and micro-segmentation strategies. In APJ, nearly all (99%) of respondents who reported that they have deployed some form of segmentation have also deployed a Zero Trust security framework.
The report is based on input from 1,200 IT and security decision-makers from around the world. Respondents overwhelmingly agreed that micro-segmentation is an effective tool to keep assets protected, but deployment was lower than expected, with only 36% of APJ organizations segmenting across more than two business critical areas. In APJ, the top obstacle to deploying micro-segmentation was a lack of skills/expertise at 43% – the highest among all regions surveyed. This was followed by compliance requirements (42%) and increased performance bottlenecks (40%). Almost all of those surveyed, no matter the sector, industry, or country, reported the same obstacles to slightly different extents.
Despite slow deployments globally, organizations that have persevered and implemented a micro-segmentation strategy across six mission-critical areas reported recovering from an attack in an average of only four hours. That’s 11 hours faster than organizations that have only segmented across one critical area, underscoring the effectiveness of a Zero Trust strategy that utilizes micro-segmentation.
“Cybercriminals in APJ are always shifting tactics and improving their tools to breach organizations. Whether it’s defending against ransomware, new zero-days, or sophisticated phishing attacks, it’s vital that organizations here reevaluate their risks to protect their critical assets. Adopting a Zero Trust architecture with the combination of Zero Trust Network Access and micro-segmentation is the only effective strategy to mitigate ransomware threats. While many APJ organizations are ahead in implementing such architectures, they must also ensure that staff and partners are equipped with the necessary skills to reap the full benefits of this approach.” said Dean Houari, Director, Security Technology and Strategy, Asia-Pacific and Japan.
Other findings from the report include:
IT security teams and decision-makers in APAC (62%) and the Americas (60 %) are more likely to say network segmentation is extremely important to ensure their organization is secure than those in EMEA (53%).
Organizations in APAC are more likely to have segmented more than two business-critical assets (36%) than those in EMEA (29%) and Americas (26%).
APAC and EMEA both cite a lack of skills/expertise (43% and 38%) as their greatest segmentation obstacle. For those in the Americas, the greatest obstacle is increased performance bottlenecks (41%).
Those in the Americas are more likely to say their Zero Trust deployment is fully complete and defined (49%) than APAC (35%) and EMEA (33%).
Of all respondents, 93% claimed that micro-segmentation is critical to help thwart ransomware attacks.
Network downtime (52%), data loss (46%), and brand/reputation damage (45%) were the most common issues impacting organizations after a ransomware attack.
In APJ, China and Japan reported the most ransomware attacks over the past year, with China at 83 and Japan at 81.
India leads the way in segmentation, with 58% of organizations reporting more than two assets/areas being segmented, followed by Mexico with 48% and Japan with 32%.