进一步了解零信任安全性
Palo Alto Networks Hong Kong

HONG KONG – October 24, 2019 – Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today released a report that uncovers the truth about the state of cloud security among large organisations in Hong Kong and across Asia Pacific, including many cases where there is a mismatch of perception versus the reality of professionals who know best. 

 

Conducted by Ovum Research, the report shows that large enterprises, defined as those with more than 200 employees, are unprepared for cloud-related cybersecurity threats, and more importantly, make the assumption that public clouds are by default secure. In fact, 76 percent of large enterprises in Hong Kong believe that security provided by cloud providers is sufficient to protect them from cloud-based threats. 

 

“The Cloud Security Study raises questions about how Hong Kong enterprises are approaching and addressing cloud security,” said Wickie Fung, managing director, Hong Kong and Macau at Palo Alto Networks. “Enterprises appear to be reticent, for example, in their belief that the responsibility for cloud security lies solely with cloud providers.”

 

Large Organisations Have Many Security Tools, but Lack a Unified View of Security

 

Among the companies surveyed in Hong Kong, more than half of them (62%) operate with more than 10 security tools within their infrastructure to secure their cloud. However, having numerous security tools creates a fragmented security posture, adding further complexity to managing security in the cloud, especially if the companies are operating in a multi-cloud environment. 

 

The multi-cloud approach creates a dangerous lack of visibility that is prevalent in 68 percent of large organisations surveyed, according to Andrew Milroy, head of advisory services, Asia-Pacific, Ovum. 

 

“The ubiquity of multi-cloud deployments in large organisations calls for a unified view of all cloud-native services. It is ideal for organisations to have a central console that uses technologies such as artificial intelligence to help prevent known and unknown malware threats, and quickly remediate accidental data exposure when it arises,” said Milroy.

 

Large Organisations Lack Cloud Security Audits and Training 

 

The need for automation is further underscored by the study, which revealed that large organisations do not have enough time and resources to dedicate to cloud security audits and training. 

 

77 percent of organisations have either never conducted a security audit or do not do it on a yearly basis. Furthermore, a quarter of audits do not even include cloud assets and 69 percent of organisations conduct internal audits only. Besides audits, there is also inadequate cloud security training for both IT and non-IT staff. 

 

About 57 percent of Hong Kong organisations do not provide cybersecurity training to IT security employees on a yearly basis. It is, therefore, not surprising that staff outside of IT departments receive even less training – 74 percent of non-IT professionals do not receive cybersecurity training on a yearly basis.

 

Despite organisations’ inability to provide more frequent audits and security training for IT teams and employees, it is encouraging to see that more than half (56%) of the organisations surveyed use threat intelligence and analytics to identify new threats and take necessary action. Some 18 percent of the organisations have also equipped themselves with real-time threat monitoring capabilities. 

 

In order to be truly secure in cloud environments, it is pertinent for organisations in Hong Kong to be cognisant of cloud security best practices, which include:

 

  • Building security into the cloud environment from the get-go; security should be an enabler to accelerate cloud adoption.

  • Developing consistent security policies across all types of cloud deployments, which can be implemented properly through the help of tools that provide a unified view of all cloud assets and the threats they face. 

  • Allowing for frictionless deployment and easy scalability in multi-cloud environments, bridging the gap between highly controlled security teams and highly agile development teams.

  • Increasing audits and training for IT and non-IT employees.

  • Automating threat intelligence with natively integrated, data-driven, analytics-based approaches by leveraging machine learning / artificial intelligence to avoid human error.

 

“Organizations need to recognize that cloud security is a shared responsibility. While cloud providers are responsible for the security of their infrastructure, the onus is on organizations themselves to secure their data and applications,” added Fung.

 

Learn More

  • The Asia-Pacific Cloud Security Study’ report features analysis and best practices that can be implemented to help companies in Asia-Pacific protect themselves from cloud-based threats.



Note to Editors

The survey was conducted amongst 500 respondents from various vertical industries of large businesses with over 200 employees across five countries/region in Asia-Pacific. There were 100 respondents per country/region in Australia, China, Hong Kong, India and Singapore.

 

The companies surveyed needed to have 200+ employees and all had to be using public cloud as a minimum. The respondents to the survey ranged from owners to business directors and C-level executives, all of whom had to be either the final decision-maker or the influencer when it came to the organisations’ cloud strategy. 

 

For more information on Palo Alto Networks cloud security offerings, visit https://www.paloaltonetworks.com/cloud-security.



###

About Palo Alto Networks 

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. For more information, visit www.paloaltonetworks.com.

 

Palo Alto Networks and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.

 

Media contacts:
Libby Chang
Communications Specialist, Asia Pacific, Palo Alto Networks
+65 9014 9913
libbychang@paloaltonetworks.com

 

Ivan Theodoulou
Regional Director, Newell PR
+852 2117 5007
ivant@newell.com

资源

什么是零信任架构

Zero Trust has become one of cybersecurity’s latest buzzwords. It’s imperative to understand what Zero Trust is, as well as what Zero Trust isn’t.

4 分钟阅读
  • 1203

数据表

PA-3200 Series 数据表

Palo Alto Networks® PA-3200 Series 新一代防火墙由 PA-3260、PA-3250 和 PA-3220 组成,均针对高速互联网网关部署而设计。PA-3200 Series 将专用处理进程和内存用于网络、安全、威胁防护和管理,以保护包括加密流量在内的所有流量。

  • 10925

数据表

防火墙概述

Palo Alto Networks 新一代防火墙 应用使用情况、用户行为和错综复杂的网络基础架构所发生的根本性转变带来 了新的威胁形势,基于端口的传统网络安全措施的弱点暴露无遗。

  • 12763

数据表

PA-800 Series 数据表

Palo Alto Networks PA-800 新一代防火墙设备由 PA-820 和 PA-850 组成,专用于保护企业分支机构和中等规模企业。

  • 5336

白皮书

Cortex XDR 白皮书

安全团队面临着来自四面八方的威胁:从勒索软件到网络间谍活动,从无文件攻击到具有破坏性的数据泄露。然而,对于大部分安全分析师而言,令人头痛 的并不是那些霸占新闻头条、数量无穷无尽的风险,而是令人泄气、却每天不 得不去做的重复性任务,比如分类事件和尝试减少不断产生的积压警报。

  • 1842

白皮书

使用 GLOBALPROTECT 替代传统远程访问 VPN

概述 当今的安全团队必须保护其数据远离新型威胁,同时为用户进行以下操作提供安全性: 1. 使用互联网 2. 访问数据中心中的应用程序 3. 访问公共云或 SaaS 中的应用程序 这些要求并不容易满足,因为当今的单点产品集合非常复杂而且并未集成,它们对每个要 求进行相互独立的处理,由此而产生了不一致和管理开销。

  • 5403

获取最新资讯、活动邀请以及威胁警报

热门资源

法律声明

热门链接

报告漏洞

版权所有 © 2022 Palo Alto Networks。保留所有权利
苏州尚葡信息科技有限公司版权所有 苏ICP备16026201号-3