Cybersecurity is

(Source – Shutterstock)

India, Australia, and Japan identify software supply chain and cybersecurity skills shortages as key challenges

  • New Trellix report finds that 89% of respondents from India, Japan, and Australia believe government-led initiatives can play a critical role in enhancing nations’ cyber defenses.
  • The lack of in-house cyber skills and implementation expertise are identified as critical barriers to the deployment of advanced cyber defense technologies.
  • 82% of global respondents believe software supply chain risk management is of either high or crucial importance for national security.

While organizations continue to invest in cybersecurity to deal with cyberattacks, respondents from Trellix’s Cyber Readiness Report feel that government-led initiatives can play an important role in improving protection against cyber threats.

To be precise, 89% of the respondents from India, Australia, and Japan see opportunities for improvement in their partnerships with the government in areas such as cyber defense coordination, threat information sharing, and software supply chain integrity.  The study, based on research conducted globally by Vanson Bourne, surveyed 900 cybersecurity professionals from organizations with 500 or more employees, including 200 respondents in India, Australia, and Japan.

According to Bryan Palma, CEO of Trellix, global tensions and cyber-warfare incidents in Ukraine sharpen our focus on the cyber readiness of government and critical infrastructure. He explained that the report assesses the progress of new technology implementation, like XDR. It also identifies areas of opportunity for stronger public-private partnerships, where increased coordination will keep organizations ahead of their adversaries.

The survey resulted in three key areas that respondents highlighted. The first would be cybersecurity technology adoption. 32% of Japanese respondents claim to have fully implemented endpoint detection and response and extended detection and response (EDR-XDR) and cloud cybersecurity modernization, with zero trust and multifactor authentication (MFA) appearing to be close behind with 31 percent and 29 percent respectively.

Meanwhile, 32% of Indian respondents claim to have fully implemented cloud cybersecurity modernization. The cyber defense technologies lagging furthest behind within this group appear to be zero trust architectures and EDR-XDR with only 25% and 22% fully deployed respectively.

In Australia, 31% of respondents reported fully deploying EDR-XDR solutions. Technologies lagging further behind include cloud cybersecurity modernization (24%), MFA (24%), and zero trust (16%).

Software supply chain

When it comes to software supply chain risk, 82% of global respondents believe software supply chain risk management policies and processes are of either high or crucial importance to national security.

Despite this, only 26% of Japanese respondents claim to have fully implemented such practices followed by 40% of Australians and 35% of Indians. A majority of respondents from all three countries felt that the solutions were hard to implement.

Hence, more than half of respondents from each country support government mandates demanding cybersecurity standards for software. But respondents from all three countries are concerned there could be drawbacks to such mandates. Among the drawbacks include complexity and high costs of implementation.

Cybersecurity skills challenges

(Source – Trellix)

While survey respondents identified a variety of barriers to the implementation of advanced technologies, a cybersecurity talent shortage was revealed across the three countries. A lack of implementation expertise, as well as a lack of in-house staff resources, are seen as some of the biggest barriers. These findings mirrored cybersecurity skills shortages in the U.S. and Europe.

“The cyber skills gap is well known; the report highlights the deficit is stifling the deployment of cybersecurity technology. Whatever innovation advantage the U.S. and its allies believe we have is irrelevant if we cannot implement the solutions,” commented Palma.

As such, all three countries believe there is room for improvement in the level of cybersecurity partnerships between their national governments and organizations. In India, more than half of the respondents believe their government could provide more funding to organizations such as theirs to improve cybersecurity. Another half favor tighter cooperation on the investigation of attacks following their discovery.

Half of the Australian respondents supported a combination of incident notification and liability protection to facilitate sharing of attack data between impacted organizations, government partners, and industry audiences. Half of the Japanese respondents showed support for tighter cooperation in the investigation of attacks following their discovery.

In terms of the types of data the government should share to help organizations better protect themselves, nearly two-thirds of Indian respondents valued more data about common cybersecurity vulnerabilities. 61% of Japanese and 56% of Australians surveyed said they would like to receive more data on attack vectors used by adversaries. All three countries would like to receive more data on cyber-attacks in progress.