He went on to add that Asia was the number one most targeted region for cyber attacks representing 26% of attacks analysed in 2021, as per an IBM global analysis report. Interestingly, Hockings said this is the first time that Asia has been at the top spot for the same.
IBM considers Asia to include Australia, East and Southeast Asia, India, and the Pacific islands. As per the report, Japan, Australia and India were the most-attacked countries in Asia. Server access attacks (20%) and ransomware (11%), data theft (10%) were the top attack types observed in Asia. Vulnerability exploitation and phishing tied for the top infection vector at Asian organizations in 2021, each representing 43% of attacks observed in the region, Hockings said.
“Financial services and manufacturing were the top attacked industries in Asia, representing nearly 60% of attacks studied,” he said. “The attackers were looking for leverage in 2021 with increased supply chains under pressure because of the pandemic and as people were doing a lot more online commerce during the pandemic as well.”
He said IBM’s investment in the recently opened IBM Security Command Center in Bengaluru which is the first of its kind in the Asia Pacific (APAC) for training cybersecurity response techniques through realistic, simulated cyber attacks is the company’s response to this growing threat. The investment also includes a new Security Operation Center (SOC) which is part of IBM’s network of existing global SOCs – providing 24X7 security response services to clients around the world.
The company said the Center in Bengaluru can deliver customized experiences and workshops – including virtually – that are tailored to an organizations’ unique security requirements and objectives, leveraging the IBM Cyber Range Design consulting team.
Discover the stories of your interest
“Cyber Range is designed to help clients test their response capabilities by putting them under a cyber incident scenario. And testing everything from what actions are being taken to whether those actions are effective in cases of a threat occurring,” Hockings said. “The target is to give clients the opportunity and not necessarily just security teams, but executive teams to experience a cyber incident in a safe operating environment, with the pressure, the dynamic environment that often comes with it.”