SUSE®, a global leader in innovative, open and secure enterprise-grade solutions, released its first ever “Securing the Cloud” APAC 2024 trend report. The industry report explores cloud security challenges in the Asia-Pacific region, focusing on the impact of Generative AI and Edge computing on cloud security.
The 2024 APAC edition of the report, sheds light on the pressing challenges faced by IT teams in securing increasingly complex cloud and edge environments and identifies key challenges to cloud adoption. It recognises that APAC IT decision makers face a unique set of opportunities and challenges and highlights significant differences in priorities and concerns across APAC countries.
Key Findings
- AI-powered cyberattacks: 63% of Indian IT decision-makers have concerns for increased AI-powered cyberattacks
- Privacy and data security concerns around Gen AI: 60% are worried about privacy and data security in GenAI cloud security.
- High incidence of cloud and edge security breaches: 89% and 91% of teams have confirmed a cloud or edge security incident over the last 12 months respectively, highlighting the pervasive nature of security challenges in the country. .
- Conditional enthusiasm for cloud migration: The high willingness to migrate more workloads to the cloud or edge if data safety can be guaranteed indicates a strong potential for increased cloud adoption. However, this enthusiasm is heavily contingent on the assurance of robust security measures, indicating that security remains a critical barrier to broader cloud adoption in the region.
- Strong concerns around data stealing and crypto mining within cluster attacks: 30% of respondents cite data stealing and crypto mining within clusters as their top security concern.
Commenting on the report, Vishal Ghariwala, Chief Technology Officer for SUSE Asia Pacific, said: “As we navigate the transformative wave of AI, India stands at a crossroads, where cloud security is not just a challenge but a catalyst for growth. The Indian government’s comments at 2023’s G20 Summit highlighted the importance of leveraging AI responsibly for the public good. This calls for embracing innovation while ensuring transparency, compliance and robust safeguards, as meaningful progress lies in our ability to secure the future of our digital landscape. SUSE remains committed to supporting businesses with tailored open source solutions to ensure security in this new innovation era. By leveraging open source, organisations can be on the front foot to protect and advance their digital practices across the dynamic market.”
Gen AI revealed as key security concern among IT decision makers across APAC countries
The report indicates that the priorities and concerns of different APAC countries diverge significantly. While Gen AI has rapidly emerged as a key threat across the region, 25% of Japanese stakeholders believe there to be no Gen AI-related security risks.
- According to the report, AI-powered cyberattacks and privacy and data security and are the top concerns in Gen AI cloud security.
- Overall, markets diverged in their perceptions of the strongest risks. Privacy and data security were the biggest risks in Indonesia, Singapore, China, South Korea, and Australia, whereas AI-powered cyberattacks were the primary concern in India and Japan .
- Younger IT professionals demonstrate the greatest awareness of GenAI-related security risks. Only 4% of respondents in the 18-54 age group did not believe there to be any risk, compared to 10% amongst those older than 55.
A high level of cloud and edge-related security incidents was reported across the APAC region – with investment in security matching challenges
On average, IT decision makers in India experienced 4.4 cloud-related security incidents in the last year – with Indonesia being the most affected after India, and Australia and Japan the least.
- 89% of Indian respondents confirmed cloud security incidents over the last 12 months, while most respondents reported Edge-related security incidents in the past year .
- India was the most severely affected, with 35% of respondents reporting five or more Edge-related security incidents respectively
- The report indicates strong divergences in the security practices. The most common current security practices include using Cloud security posture management, cloud workload protection platform, Cloud-Native Application Protection Platform solutions, security automation, DoS or DDoS protection.
- Behavioral-based runtime protection is another popular solution in India .
- The substantial portion of IT budgets allocated to cloud native security in India reflects the prioritisation of security in operational strategies.
Reflecting a similar trend in other global markets, ransomware attacks are the next cloud security concern for India.
Ransomware attacks were identified as another key security issue by 27% of IT professionals. This is followed by attacks on running services using visibility and controls to sensitive data being accessed in cloud and vulnerabilities in 3rd party images & packages
both at 27% each.
- Indian IT stakeholders identified different sets of challenges in managing and securing data at the edge. Ensuring data privacy and compliance with regulations and ensuring reliable connectivity and data transfer were considered the two most important challenges.
Certify processes and tools used to build software is considered most critical in India to mitigating software supply chain attack risks, underscoring importance of securing software supply chain
27% of Indian respondents believe that increased goals on SBOM depth / quality / security will become more of a priority for them over the next 12 months.
- To mitigate supply chain risks, Indian IT decision makers prioritise certifying software build processes and leveraging software that is backed by principal vendors .
- Whereas 40% are using libraries and container images from reliable sources against supply chain risks.
The trend report’s results reveal the unique and diverging security challenges faced by APAC countries in the adoption of cloud and edge technologies, including threats from ransomware attacks, privacy and data issues related to generative AI, and AI-powered cyberattacks.