Cybersecurity leads boardroom agendas among ASEAN organisations in light of pandemic-induced shifts

New research from Palo Alto Networks reveals majority of ASEAN organisations (92%) believe cybersecurity to be one of the top priorities for business leaders

Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today unveiled new research which found ASEAN business leaders prioritising cybersecurity issues at the board level, as a result of the disruptions brought about by COVID-19. The State of Cybersecurity in ASEAN study surveyed and received responses from 500 respondents representing businesses across Singapore, Malaysia, Indonesia, the Philippines and Thailand on their response to the cybersecurity challenges in 2021 and outlook for the future.

Cybersecurity becomes a top business priority

Against the pandemic backdrop, cybersecurity has risen to the top of the leadership agenda for many ASEAN businesses — a vast majority (92%) believes cybersecurity to be a priority for their business leaders today. Nearly 3 in 4 (74%) also believe their leadership has increased the focus on cybersecurity. This is reflected in nearly half (46%) discussing cybersecurity issues at the board level every quarter, and as much as 38% taking up such discussion on a monthly basis.

Leaders are also taking concrete actions to beef up their organisation’s cybersecurity capabilities, as 96% of organisations reported maintaining a dedicated in-house IT team responsible for managing cyber risks. Over two-thirds (68%) reported plans to increase their cybersecurity budgets in 2022, driven by the adoption of next-generation security capabilities (48%); the need to address existing cybersecurity gaps (46%); and the need to optimise operations (44%).

“The pandemic has served as a catalyst for ASEAN business leaders to sit up and pay greater attention to their cybersecurity defence measures — many are recognising the deep impact it can have on their business continuity. To manage today’s remote workforce in a digital-first environment, cybersecurity must be integrated horizontally across all facets of the business and considered as part of every corporate action,” said Ian Lim, field chief security officer, Palo Alto Networks. “As new and unexpected threats continue to shake up businesses of all sizes and industries, there needs to be closer collaboration between both technology and business leaders to tackle these novel challenges.”

Shift towards remote work brings on new cybersecurity challenges

With demand for remote access by employees working from anywhere becoming a norm, the infrastructure of many businesses hasn’t been designed to cope. Unsurprisingly, this working arrangement has brought on a new set of cybersecurity challenges.

The survey respondents reported that, amongst others, the most pertinent is the increase in digital transactions with suppliers and other third parties (54%); the need to procure a wider array of cybersecurity solutions to protect themselves from cyberthreats (54%); and unmonitored and unsecured IoT devices connected to the corporate network (51%).

The majority of ASEAN organisations (94%) also experienced a rise in the number of attacks in 2021, with close to a quarter (24%) experiencing 50% and more increase in disruptive cyberattacks.

Financial institutions prime targets but feel best-prepared against attacks

Amongst all industries surveyed, financial services (45%) and fintechs (42%) notably perceive themselves to be most at risk of cyberattacks. Of note, malware attacks were identified as  a top concern.

However, these two industries are also most confident of the cybersecurity measures put in place to protect themselves from attacks. This confidence might stem from a higher focus on cybersecurity reported by business leaders in financial services (79%) and fintechs (76%) compared to the average of 74%. Cybersecurity budgets have also increased the most for organisations in financial services (81%) and fintechs (75%), compared to the 68% average.

Evolving cybersecurity strategies for a post-COVID world

As COVID-19 increasingly drives work and leisure activities towards online platforms, ASEAN organisations predict that the one cybersecurity trend we need to pay attention to the most in 2022 will be for cyberattacks to affect our personal safety. This is against the backdrop of organisations accelerating their digital transformation by increasing investment in mobile applications (58%), expanding their remote workforce (57%), and expanding the footprint of smart devices (57%).

Digital technologies have also become more interwoven into the workplace, due to the disruption of the pandemic. As a result, 9 in 10 (90%) ASEAN organisations are evolving their cybersecurity strategies to stay protected from attacks. Across all sectors, adopting cloud security (54%) is the top post-pandemic measure taken by organisations, followed by IoT/OT security (46%) and access management (45%).

Here are some best practices and recommendations for enterprises to stay ahead of cybersecurity threats:

  • Conduct a cybersecurity assessment to better understand, control and mitigate risks. This will help organisations to prioritise countermeasures and identify where resources are needed to defend against sophisticated attacks.
  • Adopt a Zero Trust framework to address the cybersecurity threats of today and design architecture with an “assume-breach” mindset. Deploy technology to continuously validate the legitimacy of digital interactions and establish rapid response capabilities to quickly address the early signs of a breach.
  • Choose a partner not a product. A good cybersecurity partner can provide the latest threat intelligence and offer practical advice on how to build a cyber resilient architecture across all environments (e.g., on-premises, cloud, edge).