Trellix, a cybersecurity firm delivering the future of extended detection, released a global Cyber Readiness Report gauging tech adoption and perceptions of gov’t cybersecurity leadership related to standards and the cooperation between the public and private sectors.
89% of respondents from India, Australia and Japan believe gov’t led initiatives can play a vital role in improving their nations’ protection against cyber threats. Respondents from these countries see opportunities for improvement in their partnerships with gov’t in areas such as cyber defense coordination, threat information sharing and software supply chain integrity.
What were the key insights of Trellix’s report?
The study, based on research conducted by Vanson Bourne, surveyed 900 cybersecurity experts from firms with over 500 employees, including 200 in India, Australia and Japan.
“Global tensions in Ukraine sharpen our focus on the cyber readiness of gov’t and critical infrastructure. Our report assesses the progress of new tech implementation, like XDR. It also identifies areas of opportunity for stronger public-private partnerships, where increased coordination will keep us ahead of our adversaries,” said Bryan Palma, CEO of Trellix.
Cybersecurity technology adoption
Among Japanese respondents, 32% have implemented endpoint detection and response and extended detection and response and cloud cybersecurity modernization. Zero trust and multifactor authentication appeared to be close behind with 31% and 29% respectively.
32% of Indian respondents have fully implemented cloud cybersecurity modernization. The cyber defense technologies lagging furthest behind within this group appear to be zero trust architectures and EDR-XDR with only 25 percent and 22 percent fully deployed respectively.
31% of Australian respondents deployed EDR-XDR solutions. Tech lagging further behind include cloud cybersecurity modernization (24%), MFA (24%) and zero trust (16%).
Software Supply Chain Risk
The majority (82%) of global respondents believe software supply chain risk management policies and processes are of either high or crucial importance to national security.
74% of Japanese respondents identified these policies and processes as extremely or highly difficult to implement, and only 26% claim to have fully implemented such practices.
Indian (65%) and Australian (63%) respondents identified these processes as difficult to implement, with only 40% of Australians and 35% of Indians claiming full implementation.
64% of Australians, 59% of Indians and 52% of Japanese surveyed support government mandates demanding cybersecurity standards for software. But respondents from all three countries are concerned there could be drawbacks to such mandates.
Fifty-one percent of Indian respondents believe such mandates could result in government requirements that are too complex and ultimately too expensive to implement.
Around half of Aussie respondents believe gov’t software mandates will be too complex and expensive to implement and that gov’t timelines will be difficult to meet. Roughly the same percentages of Japanese are also concerned about the costs and complexity.
Cyber Skills Challenges
While survey respondents identified a variety of barriers to the implementation of advanced technologies, a cybersecurity talent shortage was revealed across the three countries.
Indian (60%) and Japanese (45%) respondents identified a lack of implementation expertise as one of the biggest barriers to implementation. 49% of Australian respondents and 42% of Japanese respondents identified a lack of in-house staff resources as one of their biggest barriers. These findings mirrored cybersecurity skills shortages in the U.S. and Europe.
Palma continued: “The cyber skills gap is well known; the report highlights the deficit is stifling the deployment of cybersecurity technology. Whatever innovation advantage the United States and its allies believe we have is irrelevant if we cannot implement the solutions.”
93% of Indians, 90% of Australians and 85% of Japanese surveyed believe there is room for improvement in the level of cybersecurity partnerships between their gov’ts and firms. 59% of Indians surveyed believe their gov’t could provide more funding to firms to improve cybersecurity, and 53% favor tighter cooperation on the investigation of attacks.
Half of Australian respondents supported a combination of incident notification and liability protection to facilitate sharing of attack data between impacted organizations, government partners and industry audiences. Half of Japanese respondents showed support for tighter cooperation on the investigation of attacks following their discovery.
In terms of the types of data gov’t should share to help firms better protect themselves, nearly 64% of Indian respondents valued more data about common vulnerabilities.
61% of Japanese and 56% of Australians surveyed said they would like to receive more data on attack vectors used by adversaries. 58% of Japanese, 52% of Indians and 44% of Australians surveyed would like to receive more data on cyber-attacks in progress.