FEATURE: CYBERSECURITY
Andrew Kay, Director of Systems Engineering, Illumio, APJ, says it’s time for cybersecurity teams to stop playing catch up.
Each cloud provider offers its own tools, but on-prem systems are often siloed, third-party integrations create blind spots and traditional perimeter-focused tools can’t keep up.
Even the newer solutions available frequently fall short. Cloud-native platforms work well if an organisation is entirely in the cloud, but most organisations are not. Moreover, even when visibility is achieved, it often lacks crucial context. Questions such as “Is the asset vulnerable?”, “Is it business-critical?” and “Is the traffic legitimate or indicating lateral movement?” remain unanswered.
Cybersecurity teams have operated in response mode for years – chasing alerts, patching vulnerabilities and trying to contain damage after incidents occur. However, today’s environments are different: they are faster, more distributed and constantly changing.
Resilience isn’t just about reacting quickly; it’s about gaining better visibility, understanding the situation more deeply and stopping threats before they have a chance to spread.
Modern infrastructure is fragmented and fast-moving. Workloads span AWS, Azure, Google Cloud and on-premise data centres. Containers spin up and down in seconds. APIs connect systems across geographies. Security perimeters have all but disappeared.
Despite this complexity, many teams still rely on tools and strategies built for a centralised, static world. It’s time to rethink how we detect and respond to threats.
The visibility crisis
This situation represents more than just a technical gap; it’s a risk vector.
In the Asia Pacific region, this challenge is acute. A study by Frost & Sullivan and Gigamon found that 53% of organisations in the region run more than half their workloads in the cloud. Most prefer hybrid setups, and 90% use at least two cloud providers, making visibility even harder.
Why detection isn’t enough
Detection tools today are good at raising flags. But they’re not always great at helping teams understand what matters or what to do about it.
Traditional network detection relies on known patterns and signatures. It spots what it’s been trained to see. But attackers know this. They exploit the gaps, the grey areas, the unexpected paths.
Cloud-native tools, meanwhile, focus heavily on posture. They monitor for misconfigurations or compliance drift. But they don’t always catch live, ongoing attacks.
You can’t fix what you can’t see. In hybrid and multicloud environments, true visibility remains elusive.
The result? Security operations centres are drowning in alerts. Analysts overwhelmed. Response delayed. And
Building cyber resilience in a decentralised world
INTELLIGENTCIO APAC www.intelligentcio.com