sb-as logo
Story image

74% of Asia-Pacific-Japan organisations face cybersecurity poverty

21 Jul 2016

Seventy-four percent of APJ respondents are at 'significant' risk of cyber incidents, and 70% have had cyber breaches that have negatively impacted their business, a new RSA survey has found.

The RSA Cybersecurity Poverty Index examined more than 200 respondents in the APJ region, using the NIST Cybersecurity Framework (CSF) as a guide. The survey found that only 23% of organisations consider their cyber security strategy 'mature' and many will only invest in cybersecurity after an incident has happened.

“The results of this research provide insight into how the APJ region can improve its overall cybersecurity maturity. Over the next few years, we are bound to face more vulnerabilities as technology and internet penetration in the region is set to grow in parallel alongside sophisticated cyber threats," says Nigel Ng, vice president, APJ, RSA, The Security Division of EMC.

The survey says that organisations are unable to quantify the Cyber Risk Appetite, which makes it harder for them to plan security strategies such as mitigation and investment.

"Southeast Asia, which is now the world’s fastest-growing internet region globally, where the internet user base is expected to double to 480 million by 2020. So it is more important than ever for organisations of all sizes to acknowledge weaknesses, review their cybersecurity strategies and move beyond conventional approaches – like perimeter-based protection -- when thinking about security," Ng continues.

The survey also found that Response and Detection strategies were the least mature, despite being the most powerful ways to combat cyber incidents. Instead, businesses are more focused on Protection, which the report says are becoming 'increasingly ineffective' as threats become more complex.

The report says 'Organisations must focus on executing preventative strategies and improving capabilities that offer complete visibility to detect and respond to advanced threats before they can impact the business'.

In addition, smaller businesses with fewer than 1000 employees are less likely to have clear strategies, with 85% stating they are 'not well prepared' for cyber threats, compared to 61% of medium businesses (1000-10,000 employees) and 65% of large businesses (10,000+ employees).

The survey says smaller organisations are potentially better targets as they are significantly less prepared than larger organisations.

The survey was a self-assessed by respondents in the Asia-Pacific region and analysed the Identify, Protect, Detect, Respond and Recover functions as outlined in the NIST CSF.

Story image
Gartner reveals the top strategic tech trends for 2021
“CIOs are striving to adapt to changing conditions to compose the future business - this requires the organisational plasticity to form and reform dynamically. Gartner’s top strategic technology trends for 2021 enable that plasticity.”More
Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More
Story image
Video: 10 Minute IT Jams - Security expert discusses changing cyber-attacker behaviour
In this Jam to SonicWall senior manager of product marketing Brook Chelmo, who talks about the specific changes in cyber-attacker behaviour he's seen unfold this year, as well as some best practices that should be employed by CISOs to combat increasing risk profiles.More
Link image
Are you prepared for ransomware? Get your free prevention kit
Learn actionable tactics for IT departments on how to manage backups and enable staff so that ransomware is no longer a mythical threat, but a controlled risk.More
Link image
Webinar: The key to video chat privacy
Complete privacy is not always guaranteed on video chats. Here's how to secure your communications on a multi-tenant public cloud.More
Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More