Global cybersecurity leader Palo Alto Networks revealed in its 2023 State of Cybersecurity in ASEAN Report that one out of three small and medium enterprises (SMEs) in the Philippines and Southeast Asia is not confident in tracking cybersecurity breaches amid a hybrid work environment. With 41% of their infrastructure and processes running in the cloud for onsite and work-from-home setup, SMEs are most concerned about password attacks (63%), malware attacks (56%), and account takeovers (53%).
Steven Scheurmann, Vice President for ASEAN at Palo Alto Networks, shared, “In observance of Cybersecurity Awareness Month this October, we are reinforcing our mission of empowering SMEs with a stronger cybersecurity posture, recognizing their pivotal role as the backbone of our economy. It’s crucial to remember that SMEs, just like larger organizations, hold valuable data sought after by cyber attackers for financial gain.”
For two years in a row, adopting cloud security has been a top cybersecurity strategy for SMEs. However, hybrid work continues to pose challenges for SMEs in securing their cloud applications and services due to risks associated with unsecured home networks and personal devices. These risks include data breaches, which can threaten both SME employees and customers, potentially leading to identity theft and unauthorized financial transactions. These vulnerabilities make it challenging for almost one-third of SMEs to procure a broader range of cybersecurity solutions for hybrid work.
To stay ahead of threats, Scheurmann underscored non-negotiables that SMEs should look for when securing cloud infrastructure in hybrid environments.
Holistic visibility of network traffic. Imagine your company’s network as a bustling airport, where employees work from different ‘terminals’ or physical locations, such as offices, homes, or remote sites. The challenge resembles airport security—knowing who’s allowed to board ‘network flights’ and who’s not. The airport needs to have visibility on every ‘passenger’ (devices and users) and verify their ‘boarding passes’ (access permissions). This holistic visibility ensures SMEs that only authorised users and devices get access to data and applications.
Zero Trust Network Access (ZTNA). ZTNA operates on the principle of ‘never trust, always verify.’ If an SME’s network is a mall establishment, not all of its tenants can freely move around the building. ZTNA acts as the diligent security manager, ensuring that each ‘tenant’ (employee) must show their identification and state their purpose before gaining access to areas reserved for authorized personnel only.
AI and machine learning. Artificial intelligence (AI)-backed machine learning in network security is like having personalized content recommendations on your social media. Just as algorithms analyze your preferences for tailored suggestions, AI-driven firewalls with machine learning analyze network traffic, predict, and prevent cyber threats that are also increasingly sophisticated due to AI. They continually adapt, ensuring SMEs are equipped to protect themselves from emerging threats.
“Even small-sized and resource-constrained businesses can establish a formidable security posture, rendering it challenging for attackers to breach, provided a strong cybersecurity hygiene culture prevails within the company. Holistic visibility, a zero-trust approach, and AI integration will help ensure that SMEs can scale up their cloud security to protect against both current and future threats, no matter where they choose to work,” concluded Scheurmann.
