Connect with us

BizNews

Security response planning on the rise, but containing attacks remains an issue – IBM

While organizations surveyed have slowly improved in their ability to plan for, detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13% during this same period.

Published

on

IBM announced the results of a global report examining businesses’ effectiveness in preparing for and responding to cyberattacks. While organizations surveyed have slowly improved in their ability to plan for, detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13% during this same period.

The global survey conducted by Ponemon Institute and sponsored by IBM Security found that respondents’ security response efforts were hindered by the use of too many security tools, as well as a lack of specific playbooks for common attack types.

While security response planning is slowly improving, the vast majority of organizations surveyed (74%) are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all. This lack of planning can impact the cost of security incidents, as companies that have incident response teams and extensively test their incident response plans spend an average of $1.2 million less on data breaches than those who have both of these cost-saving factors in place.

The key findings of those surveyed from the fifth annual Cyber Resilient Organization Report include:

  • Slowly Improving: More surveyed organizations have adopted formal, enterprise-wide security response plans over the past 5 years of the study; growing from 18% of respondents in 2015, to 26% in this year’s report (a 44% improvement).
  • Playbooks Needed: Even amongst those with a formal security response plan, only one third (representing 17% of total respondents) had also developed specific playbooks for common attack types — and plans for emerging attack methods like ransomware lagged even further behind.
  • Complexity Hinders Response: The amount of security tools that an organization was using had a negative impact across multiple categories of the threat lifecycle amongst those surveyed. Organizations using 50+ security tools ranked themselves 8% lower in their ability to detect, and 7% lower in their ability to respond to an attack, than those respondents with less tools.
  • Better Planning, Less Disruption: Companies with formal security response plans applied across the business were less likely to experience significant disruption as the result of a cyberattack. Over the past two years, only 39% of these companies experienced a disruptive security incident, compared to 62% of those with less formal or consistent plans.

“While more organizations are taking incident response planning seriously, preparing for cyberattacks isn’t a one and done activity,” said Wendi Whitmore, Vice President of IBM X-Force Threat Intelligence. “Organizations must also focus on testing, practicing and reassessing their response plans regularly. Leveraging interoperable technologies and automation can also help overcome complexity challenges and speed the time it takes to contain an incident.”

Updating Playbooks for Emerging Threats
The survey found that even amongst organizations with a formal cybersecurity incident response plan (CSIRP), only 33% had playbooks in place for specific types of attacks. Since different breeds of attack require unique response techniques, having pre-defined playbooks provides organizations with consistent and repeatable action plans for the most common attacks they are likely to face.   

Amongst the minority of responding organizations who do have attack-specific playbooks, the most common playbooks are for DDoS attacks (64%) and malware (57%). While these methods have historically been top issues for the enterprise, additional attack methods such as ransomware are on the rise. While ransomware attacks have spiked nearly 70% in recent years, only 45% of those in the survey using playbooks had designated plans for ransomware attacks.

Additionally, more than half (52%) of those with security response plans said they have never reviewed or have no set time period for reviewing or testing those plans. With business operations changing rapidly due to an increasingly remote workforce, and new attack techniques constantly being introduced, this data suggests that surveyed businesses may be relying on outdated response plans which don’t reflect the current threat and business landscape.

More Tools Led to Worse Response Capabilities
The report also found that complexity is negatively impacting incident response capabilities. Those surveyed estimated their organization was using more than 45 different security tools on average, and that each incident they responded to required coordination across around 19 tools on average. However, the study also found that an over-abundance of tools may actually hinder organizations ability to handle attacks. In the survey, those using more than 50 tools ranked themselves 8% lower in their ability to detect an attack (5.83/10 vs. 6.66/10), and around 7% lower when it comes to responding to an attack (5.95/10 vs. 6.72/10).

These findings suggest that adopting more tools didn’t necessarily improve security response efforts — in fact, it may have done the opposite. The use of open, interoperable platforms as well as automation technologies can help reduce the complexity of responding across disconnected tools. Amongst high-performing organizations in the report, 63% said the use of interoperable tools helped them improve their response to cyberattacks.

While security response planning is slowly improving, the vast majority of organizations surveyed (74%) are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all.

Better Planning Pays Off
This year’s report suggests that surveyed organizations who invested in formal planning were more successful in responding to incidents. Amongst respondents with a CSIRP applied consistently across the business, only 39% experienced an incident that resulted in a significant disruption to the organization within the past two years  compared to 62% of those who didn’t have a formal plan in place.

Looking at specific reasons that these organizations cited for their ability to respond to attacks, security workforce skills were found to be a top factor. 61% of those surveyed attributed hiring skilled employees as a top reason for becoming more resilient; amongst those who said their resiliency did not improve, 41% cited the lack of skilled employees as the top reason.

Technology was another differentiator that helped organizations in the report become more cyber resilient, especially when it comes to tools that helped them resolve complexity. Looking at organizations with higher levels of cyber resilience, the top two factors cited for improving their level of cyber resilience were visibility into applications and data (57% selecting) and automation tools (55% selecting). Overall, the data suggests that surveyed organizations that were more mature in their response preparedness relied more heavily on technology innovations to become more resilient.

BizNews

Local startup 1Export brings global opportunities to MSMEs

In tough times like these, taking steps toward exporting may seem expensive, confusing and risky, especially since a profitable return is not certain. This is where 1Export comes in.

Published

on

As the current economic downturn continues, exporting has become one of the last remaining opportunities for micro, small, and medium enterprises (MSME’s) hoping to hold on through the pandemic. Many such businesses are finding a life line through the local startup 1Export, an end-to-end platform for cross-border trade and fulfillment.

With 1Export’s help for all their exporting needs, MSMEs aren’t just staying above water, they are growing. 1Export has won numerous awards internationally (Gojek Xcelerate 2019 & SoGal San Francisco 2020 Global Pitch winner), because of its focus on making exporting easier for businesses big or small. It remains to be the largest export e-commerce platform in the Philippines in terms of revenue share.

In tough times like these, taking steps toward exporting may seem expensive, confusing and risky, especially since a profitable return is not certain. This is where 1Export comes in. Led by young professionals in their respective fields, 1Export is a one-stop, holistic solution for businesses looking to expand their market range without needing to carry the numerous pitfalls associated with exporting their products.

Exporting through technology

As the process of becoming compliant begins, 1Export holds the hands of its partners by finding them the appropriate buyers for any and all of the products that they wish to export. Currently, 1Export offers its services to 9 international markets, with each market having their own sets of standards that each business must comply with in order to successfully export their products. These compliance standards make exporting more complicated than it needs to be. 1Export smooths out  the process with a tech platform, which makes creating the correct documentation for any country simple. In addition to this, MSME suppliers can also conveniently use automated labeling through a simple upload of a photo, making the path to going global a seamless one. With a myriad of services to adequately equip partner suppliers with their exporting needs paired with a 100% port clearance rate, 1Export presents an opportunity unlike any other with a potential to earn in US dollars. 

“Exporting is often viewed as a tedious and laborious process. For most MSMEs, creating a truly globally competitive brand remains just a pipe dream. We believe that, when done right, exporting can be a powerful tool to showcase MSME talent, uplift the economy, and change the lives of people. At 1Export, we aim to harness the innate ingenuity, talent and beauty of the country and showcase it to the world.” Daniel Remo, Chief Operating Officer of 1Export says.


Hope for our MSMEs

Mel Nava, CEO of 1Export, during their pitch in SoGal San Francisco 2020

There are a lot of opportunities that MSMEs can take advantage of while in this pandemic. Global trends point to an increase in purchase of essential products, but as the curve flattens in other countries, people are looking for things that provide comfort or happiness. So the question at the end of the day is, how do we make MSME products relevant? According to Mel Nava, Chief Executive Officer of 1Export, “We make them globally competitive so that they can export, we help them export so they can sell more, stay afloat, and serve the needs and wants of other markets”. Because travel is limited, cross-border trade has increased and to bring products people want and long for now need to comply with trade regulations abroad.

While the pandemic has been the cause for the demise of a lot of businesses, there is hope for the economy because platforms like 1Export addresses the various problems of MSMEs brought about by exporting: a need for international partners, compliant products, and finding guaranteed buyers. In a time of disarray and economic decline, 1Export has created a system that works for both its buyers and suppliers, making it a complete and sustainable technology platform of the country.

Continue Reading

BizNews

MSME sector is key to COVID-19 inclusive recovery for Phl – UNDP

Majority of the MSMEs still need assistance to recover from their losses. At least 60% of the respondents reported that they have not received any assistance from any stakeholder (gov’t, private sector, NGOs, and others) yet. Among the most pressing needs of MSMEs are access to credit facilities, tax breaks, and deferred loan payments.

Published

on

Photo by Luke Chesser from Unsplash.com

Despite the lifting of the enhanced community quarantine (ECQ) in Metro Manila, majority of the micro, small, and medium enterprises (MSMEs) are still temporarily closed or are operating at decreased capacity—an indicator of the difficulties they are facing in getting back to their business operations according to the recent survey conducted by the United Nations Development Programme (UNDP) on the impact of COVID-19 on MSMEs in the Philippines.

MSMEs comprise 99.5% of business establishments in the Philippines and are employing approximately 63% of the country’s workforce. In the past years, MSMEs were responsible for 40% of the country’s Gross Domestic Product (GDP). During the second quarter of 2020 and almost four months since the community quarantine was put in place, the country’s GDP sank to 16.5% as the Philippines experienced recession due to the COVID-19 pandemic.

In the first MSME online forum organized by the Philippine Disaster Resilience Foundation (PDRF) and UNDP Philippines through SIKAP (Synergizing Recovery Initiatives, Knowledge, and Adaptation Practices for MSMEs), the results of the survey were presented to more than 170 MSME owners and development organizations.

The survey also showed that out of the 285 respondents, 81% reported experiencing low consumer demand. This low demand alongside shortages related to transportation and logistics, and lack of financing capacity were cited as the primary challenges of MSME owners in resuming their operations.

Since the implementation of community lockdowns, MSMEs continued to suffer from disrupted cashflow and continuing expenses, which led to income losses. Close to 80% of the respondents reported a reduction in their average monthly income from April to June compared to their average monthly income prior to the pandemic. While 20% of the respondents tried to retain employees with full pay despite income losses, their cashflow was so severely affected that 25% of them began to lay off employees.

“We are in the middle of a once in a lifetime medical emergency. I know you are worried about your health, scared to open your businesses. But for the sake of our families and ourselves, we have to take that step and reopen while maintaining safety standards. We have to find a way to keep going as long as we need to,” said Butch Meily, President of PDRF.

MSMEs comprise 99.5% of business establishments in the Philippines and are employing approximately 63% of the country’s workforce. In the past years, MSMEs were responsible for 40% of the country’s Gross Domestic Product (GDP).

To address the adverse impacts of the COVID-19 pandemic, MSMEs started implementing adaptive business measures. Among which are digitalization or the use of online platforms for their business transactions, cost reduction, diversification of products and services, utilization of non-cash payment options, and allowing employees to work from home.

However, despite these adaptive measures, majority of the MSMEs still need assistance to recover from their losses. At least 60% of the respondents reported that they have not received any assistance from any stakeholder (gov’t, private sector, NGOs, and others) yet. Among the most pressing needs of MSMEs are access to credit facilities, tax breaks, and deferred loan payments.

“MSMEs play a crucial role in the Philippines’ efforts to recover from the crisis brought about by this pandemic. UNDP will continue to support Government and its development partners to facilitate their sector representation in policy dialogues and program planning so as to capitalize on available solutions that could prevent further closures of MSMEs. We are also working very closely with the private sector to provide online resources and to ensure that all MSMEs can get the right access to e-commerce trainings to support their digital transition. Digital infrastructure in the country is key to enable the development of a new market space online,” said Enrico Gaveglia, Officer-in-Charge of UNDP Philippines.

The result of the survey intended to provide data-driven recommendations that can help the Inter-Agency Task Force come up with more effective policies and programs that are responsive to the immediate and long-term needs of MSMEs.

Majority of the MSMEs still need assistance to recover from their losses. At least 60% of the respondents reported that they have not received any assistance from any stakeholder (gov’t, private sector, NGOs, and others) yet. Among the most pressing needs of MSMEs are access to credit facilities, tax breaks, and deferred loan payments.

Among these recommendations were the integration of MSMEs in public sector procurement, a balanced and complementing mix of monetary and fiscal policies including wide-reaching government guarantees for MSME lending that will support overall spending, and mechanisms to increase household consumption in the country. Other recommendations included addressing the challenges in public transportation to ensure safe and efficient mobility of people, products, and services, and the strengthening of supply chain management by integrating more local suppliers.

Continue Reading

BizNews

APAC SMEs adapting well to new realities of remote-first business environment – SAP

APAC SMEs are well positioned to adapt to a remote working environment by taking swift actions to implement and adjust remote work arrangements for employees in response to the onset of the COVID-19 pandemic. 77% reported that they adjusted remote work arrangements for employees in response to COVID-19, as compared to respondents in Europe (75%) and the Americas (71%).

Published

on

Photo by fauxels from Pexels.com

SAP SE unveiled findings for the study Digital Resilient, and Experience-driven: How Small and Midsize Organisations Can Prepare for the New Economy. The study highlights how small and midsize enterprises (SMEs) in Asia-Pacific (APAC) are uniquely positioned to adapt and thrive in the dynamic and distributed post-COVID-19 business environment.

Conducted in collaboration with Oxford Economics, the study also delved into the priorities, challenges, and digital maturity of SMEs in the Americas, Europe, and APAC. Of the total 2,000 respondents, 832 respondents were from the following APAC markets: Australia, China, India, Japan, New Zealand, Philippines, Singapore, and South Korea. A section detailing answers from 240 respondents on the impact of the COVID-19 pandemic was also added to the survey mid-fieldwork.

Adapting To The New World Of Work

According to the 240 that responded to the series of COVID-19 questions, APAC SMEs are well positioned to adapt to a remote working environment by taking swift actions to implement and adjust remote work arrangements for employees in response to the onset of the COVID-19 pandemic. 77% reported that they adjusted remote work arrangements for employees in response to COVID-19, as compared to respondents in Europe (75%) and the Americas (71%).

Additionally, 61% of APAC SMEs surveyed created remote work set-ups for employees during this period, while 69% invested in IT and collaboration solutions to support remote access and/or online learning. Interestingly, 10% of APAC SMEs reported that the pandemic has no impact on their ability to accommodate remote work and maintain employee productivity.

On top of supporting business continuity during this period, many APAC SMEs are also actively exploring new channels to get their products and services to customers (66%, vs. 64% in the Americas and 59% in Europe) and developing new products and service offerings (46%, vs. 40% in the Americas and 49% in Europe). 

“SMEs across the region—like their counterparts around the world—have certain advantages over larger competitors in terms of agility and closeness to the customer,” said Edward Cone, Editorial Director of Thought Leadership and Technology Practice Lead at Oxford Economics. “Yet even before the pandemic, SMEs in APAC also faced meaningful challenges in keeping up the pace of digital transformation.”

Lastly, it was revealed that COVID-19 has significantly impacted APAC SMEs’ ability to compete with larger companies within the same industry, with 45% of APAC SMEs reporting that the pandemic has had a significant effect on their operations and strategies in this area. COVID-19 has also affected the ability to operate at full capacity (45%), the ability of the supply chains to keep up with demands (40%), and the ability to keep existing customers (40%). Some respondents reported that they had to completely restructure business strategy and operations in these areas to mitigate the impact of the pandemic

Anticipating The Road Ahead

Prior to the COVID-19 outbreak, SMEs in the region reported being optimistic about their long-term prospects. Many APAC SMEs expect that over the next three years, their market share (62%), budget/revenue (76%), number of full-time employees (59%), and profitability (78%) will increase somewhat or substantially.

61% of APAC SMEs surveyed created remote work set-ups for employees during this period, while 69% invested in IT and collaboration solutions to support remote access and/or online learning. Interestingly, 10% of APAC SMEs reported that the pandemic has no impact on their ability to accommodate remote work and maintain employee productivity.

Looking ahead to the next three years, APAC SMEs are prioritising improving the customer experience (40%), growth (38%) and attracting new customers (28%). APAC SMEs believe that the key to providing high-quality customer experience lies in high-quality products and/or services (70%), fast and convenient delivery (64%) and competitive pricing (62%), with the customer-service business function bearing the most responsibility for delivering those experiences (cited by 70% of APAC respondents). Upgrading analytics on customer data is viewed as a go-to strategy to improving customer experience:  28% already have done this across the organisation, and 52% have started to. 

Staying The Course On Digital Transformation

With technology set to play an increasingly critical role in helping APAC SMEs achieve business success in the new digital environment, the study also took a closer look at digital maturity levels of these businesses across the region. Many APAC SMEs say they have made moderate progress toward digital transformation (39%), and 21% have made substantial progress or completely transformed; within three years, 19% expect to have completely transformed. In terms of technological adoption, HR/Talent management software is furthest along (66%), followed by Governance and Cybersecurity software (63%) and Finance and Risk management software (59%). Respondents reported that these technologies are either in use in some applications/projects or are already in use at scale.

Mobile devices and mobile business process enablement, and business management solutions (ERP software) share the top spot in terms of pilot implementation, and APAC SMEs are actively considering emerging technologies, AI/ML and Internet of Things (IoT) as their main investment priority.

Obstacles To Overcome

The road to success does, however, bring challenges. Today, APAC SMEs consider the upskilling/reskilling of the current workforce (30%), lack of coordination between different departments (29%), and inability to gain insights from data (28%) as key internal challenges. In terms of external challenges, APAC SMEs cite changing customer wants and needs (40%), competition from larger organisations (39%), and adapting to a rapidly changing marketplace (27%) as obstacles to their business success.

“Today’s new normal requires businesses to pivot and adapt with speed. SMEs in the region seem to understand that the sense of urgency to digitally transform their businesses will give them an advantage through the pandemic and beyond,” said Claus Andresen, SVP & Head of General Business (SME) and Emerging Markets Growth, Asia Pacific & Japan. “With the adoption of an intelligent enterprise strategy, SMEs can establish a digital core that will power the entire organisation, embedding data-driven insights and decision-making processes across the business. This is crucial in enabling business agility, further strengthening the ability of SMEs to adapt to dynamic market conditions.”

“I am confident SMEs in the region will be able to emerge stronger, having forged closer bonds with customers and employees while developing innovative services and products that will put them on a strong growth trajectory as the world economy recovers,” concluded Andresen.

Continue Reading

Trending