After the key year of digital transformation and cloud migration, the world is changing faster, with new technologies emerging rapidly. Now, Taiwanese businesses are facing a new crisis — cybersecurity, which is broader, deeper, and more challenging. Taiwan is almost at the center of this crisis, and one of the most affected regions.
In October 2022, Taiwan experienced the first-ever nationwide data breach in its history, with 23 million records leaked and sold. In less than half of 2023, major corporations have already faced successive data breach scandals.
"For most foreign companies today, no matter how good the system’s functionality is, if cybersecurity fails inspection, they won’t even look at it," said James Chien, CEO of MAYO. MAYO currently serves over 1,300 clients, including many well-known publicly listed, multinational corporations and foreign companies, as well as several Fortune Global 500 companies.
According to an IMPERVA cloud services report, data shows that Taiwan is the second most targeted country globally for network-layer DDoS attacks, behind only the United States. These attacks have broken records in terms of volume, frequency, and complexity, with the financial, public relations, and entertainment industries being the most affected.
A Global Crisis Second Only to the U.S.! Leading HR System Provider MAYO: Implementing Professional Cloud Solutions Ensures Customer Trust
Aries Lee, CEO of Netron, a leader in cloud security for Taiwanese enterprises, analyzed that the number of attacks on Taiwan has increased sharply since last year. In 2022 alone, Netron added more than 600 new client contracts, with a total of about 1,650 clients over two years, many from the financial and manufacturing sectors. "This growth trend is very clear. Last year alone, we handled 900,000 attacks for our clients."
This significant increase is closely related to the digital transformation wave driven by the pandemic. COVID-19 forced many companies to adopt cloud services, giving employees the convenience of cloud-based clock-in, leave, and approval processes. In this heightened cybersecurity awareness, cloud-based HR systems, which manage sensitive employee data such as salaries and contact information, have become increasingly important. As a result, MAYO decided to collaborate with Netron to implement world-class cybersecurity tools, including the IMPERVA cloud firewall service, enhancing data monitoring and protection in multiple ways. This has been a key factor in MAYO winning over many customers.
The IMPERVA report further pointed out that application-layer DDoS attacks increased by 82% compared to 2021. Attacks on the global financial services sector increased by 121%. Up to 46% of companies that have been attacked experience repeated attacks. As the intensity of attacks increases, how can Taiwanese businesses prepare to stand strong in this era of looming crises?
Lack of Cybersecurity Talent! Every Second Counts in the Fight Against Attacks, MAYO Uses IMPERVA Cloud Services and Invests in Employee Training
At the end of 2021, the Financial Supervisory Commission (FSC) revised regulations requiring publicly listed companies to establish a Chief Information Security Officer (CISO) and dedicated cybersecurity unit by the end of 2022–2023. At that time, the industry estimated that the Taiwan market would face a shortage of more than 20,000 cybersecurity professionals. The regulations highlighted the critical shortage of cybersecurity talent in Taiwan. To fill the gap, collaborating with external vendors and cloud cybersecurity providers is essential for addressing the lack of internal talent or the inability of internal staff to respond in real-time to security incidents.
Aries Lee cited the IMPERVA report, which further illustrated that 70% of attacks occur within 15 minutes, with DDoS attacks being the most common. While many international corporations can activate Service Oriented Architecture (SOA) within 15 minutes, with the IMPERVA services Netron implemented for MAYO, activation takes just 3 seconds.
James Chien emphasized the importance of internal education and training for employees. At MAYO, employees undergo training every quarter to ensure data is not leaked due to improper access. "We have strict guidelines and restrictions, so employees at different levels can only access specific data. We also regularly scan for vulnerabilities and engage third-party security companies to perform audits."
Don’t Know Where to Start! Netron Helps Companies Identify Sensitive Data and Secure It, Helping MAYO Gain Customer Trust
Adopting cloud services poses mental hurdles for many business owners. For example, HR systems used to be self-hosted, but now companies are transitioning to cloud solutions. "I’ve found that when companies put their data on the cloud, many in Taiwan misunderstand and feel it’s dangerous," observed James Chien. Smaller businesses often have weaker cybersecurity practices, while larger companies tend to focus more on these concerns.
Moreover, many companies lack awareness of data security and personal data protection. The IMPERVA report noted that 54% of businesses don’t know where their sensitive data is stored, and 65% of companies say they have so much data that they can’t classify or analyze it. Without identifying sensitive information and monitoring access, businesses can’t uncover potential security vulnerabilities, let alone preemptively mitigate risks.
Additionally, the severity, volume, and storage methods of sensitive data must be assessed. "Netron's services not only address external attacks but also help with internal