APJ Businesses Struggle with Cybersecurity Defenses

Discover how businesses in the Asia-Pacific and Japan region face unique cybersecurity challenges and lag in adopting specialized defenses.

Akamai Technologies, Inc. the cloud-based company responsible for empowering and safeguarding online life, has today unveiled the findings of a recent study titled “From Bad Bots to Malicious Scripts: The Efficacy of Specialized Defenses.” This study reveals that businesses in the Asia-Pacific and Japan (APJ) region are lagging behind when it comes to implementing specialized security technologies compared to other global regions. Consequently, businesses in this area are encountering difficulties in thwarting malicious scripts and account takeover attacks.

The survey, which encompassed input from prominent IT and security professionals, delves into the prevalence and effectiveness of specialized third-party solutions designed to combat the challenges posed by malicious bots, account takeover (ATO) incidents, third-party scripts, and audience hijacking.

“Malicious bots, scripts, and account takeover attacks are pervasive and will continue to pose ever greater challenges for businesses,” said Reuben Koh, Director of Security Technology & Strategy at Akamai. “Adopting third-party specialized defenses not only help organizations to adapt, but also address the ever-changing attack techniques employed by cyber criminals. This also allows organizations to achieve stronger effectiveness at mitigating these pervasive online threats, while reducing overall risk for the business.”

Key findings from the report include:

Addressing Fraud and Abuse with Protective Solutions

Account Takeover (ATO):

  • APJ faces a high threat of account takeover, with 73 percent of businesses reporting attacks in the past 12 months.
  • However, APJ has the lowest deployment rate for solutions to combat account takeover threats, standing at 60 percent compared to the global average of 83 percent.
  • Globally, organizations that deployed specialized account takeover defenses reported significant improvements in:
    • Detecting fraudulent or suspicious activity (44 percent).
    • Gaining visibility into indicators of account compromise (41 percent).
    • Detecting fraudulent or suspicious logins (39 percent).

Script Protection:

  • Only 67 percent of APJ businesses use specialized script protection solutions, which is significantly below the global average of 85 percent.
  • Despite this, over three-quarters (78 percent) of APJ businesses have been targeted by malicious scripts in the past year.
  • The upcoming PCI DSS 4.0 regulation, a global standard for protecting account data, will introduce specific requirements for addressing these threats.
  • Globally, 71 percent of those employing third-party solutions reported a significant reduction in abusive script behaviors, with the top three gains being:
    • Detecting compromised first and third-party scripts (38 percent).
    • Prioritizing events requiring investigation (38 percent).
    • Meeting compliance requirements (38 percent).

Malicious Bots:

  • In the previous 12 months, 64 percent of APJ experienced bot attacks, compared to a global average of 75 percent.
  • Globally, almost all organizations (97 percent) reported improvements in combating bots, with more than half (54 percent) of those using third-party solutions noting significant enhancements in their cybersecurity capabilities.
  • The top three capabilities and gains included:
    • Handling high-traffic events and surges (47 percent).
    • Improving marketing effectiveness (42 percent).
    • Balancing security controls with performance optimization (41 percent).

Audience Hijacking:

  • Almost all APJ organizations (92 percent) are aware of audience hijacking, with 26 percent having been affected by it.
  • Audience hijacking often results in direct revenue loss for online retailers due to consumers choosing alternatives influenced by lower prices or fraudulent advertising.
  • Globally, businesses affected by audience hijacking reported two primary impacts:
    • Increased cart abandonment (43 percent).
    • Increased affiliate fraud (41 percent).