Palo Alto Networks, the global cybersecurity leader, unveiled new research which found ASEAN business leaders prioritising cybersecurity issues at the board level, as a result of the disruptions brought about by COVID-19.
The State of Cybersecurity in ASEAN study surveyed and received responses from 500 respondents representing businesses across Singapore, Malaysia, Indonesia, the Philippines, and Thailand on their response to the cybersecurity challenges in 2021 and outlook for the future.
Cybersecurity becomes a top business priority
Against the pandemic backdrop, cybersecurity has risen to the top of the leadership agenda for many ASEAN businesses — a vast majority (92%) believes cybersecurity to be a priority for their business leaders today. Nearly 3 in 4 (74%) also believe their leadership has increased the focus on cybersecurity.
Leaders are also taking concrete actions to beef up their organisation’s cybersecurity capabilities, as 96% of organisations reported maintaining a dedicated in-house IT team responsible for managing cyber risks.
Over two-thirds (68%) reported plans to increase their cybersecurity budgets in 2022, driven by the adoption of next-generation security capabilities (48%); the need to address existing cybersecurity gaps (46%); and the need to optimise operations (44%).
“The pandemic has served as a catalyst for ASEAN business leaders to sit up and pay greater attention to their cybersecurity defence measures — many are recognising the deep impact it can have on their business continuity,” said field chief security officer, Palo Alto Networks, Ian Lim.
“To manage today’s remote workforce in a digital-first environment, cybersecurity must be integrated horizontally across all facets of the business and considered as part of every corporate action,”
“As new and unexpected threats continue to shake up businesses of all sizes and industries, there needs to be closer collaboration between both technology and business leaders to tackle these novel challenges,” he added.
Shift towards remote work brings on new cybersecurity challenges
With demand for remote access by employees working from anywhere becoming a norm, the infrastructure of many businesses hasn’t been designed to cope. Unsurprisingly, this working arrangement has brought on a new set of cybersecurity challenges.
The survey respondents reported that, amongst others, the most pertinent in Malaysia is the increase in digital transactions with suppliers and other third parties (58%); unmonitored and unsecured IoT devices connected to the corporate network (58%), and the need to procure a wider array of cybersecurity solutions to protect themselves from cyberthreats (55%);
The majority of ASEAN organisations (94%) also experienced a rise in the number of attacks in 2021, with one in five (20%) Malaysian organisations experiencing 50% and more increase in disruptive cyberattacks.
Financial institutions prime targets but feel best-prepared against attacks
Amongst all industries surveyed, financial services (45%) and fintechs (42%) notably perceive themselves to be most at risk of cyberattacks. Of note, malware attacks were identified as a top concern.
However, these two industries are also most confident of the cybersecurity measures put in place to protect themselves from attacks.
This confidence might stem from a higher focus on cybersecurity reported by business leaders in financial services (79%) and fintechs (76%) compared to the average of 74%. Cybersecurity budgets have also increased the most for organisations in financial services (81%) and fintechs (75%), compared to the 68% average.
Evolving cybersecurity strategies for a post-COVID world
As COVID-19 increasingly drives work and leisure activities towards online platforms, ASEAN organisations predict that the one cybersecurity trend we need to pay attention to the most in 2022 will be for cyberattacks to affect our personal safety.
This is against the backdrop of Malaysian organisations accelerating the remote workforce (68%), followed by increasing the investment in mobile applications (58%), Cloud adoption (52%), and 5G (39%).
Digital technologies have also become more interwoven into the workplace, due to the disruption of the pandemic. As a result, 9 in 10 (90%) ASEAN organisations are evolving their cybersecurity strategies to stay protected from attacks.
In Malaysia, the adoption of Revamping Threat Detection and Correlation systems (50%) and cloud security (49%) are two important measures to be implemented by organisations, followed by securing IoT /OT (44%), identity and access management (43%) and Secure Access Service Edge (SASE) strategy (39%).
“In order to effectively partake in Malaysia’s journey of digital transformation, it is imperative for organisations to design and implement an effective and full-proof cybersecurity strategy,” said country manager, Palo Alto Networks, Malaysia, Suk Hua Lim.
“It is inspiring to see that Malaysian organisations have confidence in their cybersecurity measures and that they are highly aware of taking the right decisions in protecting the nation from cyber disruptions,” she added.
Here are some best practices and recommendations for enterprises to stay ahead of cybersecurity threats:
- Conduct a cybersecurity assessment to better understand, control and mitigate risks. This will help organisations to prioritise countermeasures and identify where resources are needed to defend against sophisticated attacks.
- Adopt a Zero Trust framework to address the cybersecurity threats of today and design architecture with an “assume-breach” mindset. Deploy technology to continuously validate the legitimacy of digital interactions and establish rapid response capabilities to quickly address the early signs of a breach.
- Choose a partner not a product. A good cybersecurity partner can provide the latest threat intelligence and offer practical advice on how to build a cyber resilient architecture across all environments (e.g., on-premises, cloud, edge).