As Cybersecurity Incidents Surge, Businesses in the Asia Pacific Region Express Insufficient Preparedness

Explore how businesses in the Asia Pacific region are grappling with increasing cybersecurity incidents while expressing concerns about their level of preparedness. Delve into the challenges posed by rising cyber threats and the strategies these businesses are adopting to enhance their cybersecurity measures.

Cloudflare Inc., a company dedicated to enhancing security, performance, and dependability on the Internet, has released a new study focusing on cybersecurity in the Asia Pacific region. The study, titled “Securing the Future: Asia Pacific Cybersecurity Readiness Survey,” presents the most recent data concerning cybersecurity readiness in this area. The findings shed light on how organizations are dealing with the increasing number of cybersecurity incidents, their levels of preparedness, and the outcomes they are encountering. Notably, the study reveals that despite the escalating frequency of cyberattacks, a significant majority of organizations are ill-equipped to handle these threats.

Rising Instances of Cybersecurity Incidents for Organizations

The study, encompassing responses from over 4,000 cybersecurity decision makers and leaders across countries like Australia, China, Hong Kong SAR, India, Indonesia, Japan, Malaysia, New Zealand, the Philippines, Singapore, South Korea, Taiwan, Thailand, and Vietnam, highlights that 78% of participants encountered at least one cybersecurity incident within the last 12 months. Among those who faced such incidents, 80% reported experiencing four or more, while 50% were subject to 10 or more. Alarmingly, 72% anticipate a surge in these incidents in the coming year.

Lack of Preparedness Despite Escalating Threats

In spite of the increasing occurrence of cybersecurity incidents, only 38% of respondents consider themselves well-prepared to tackle such attacks. Among specific sectors, Healthcare (16%), Education (13%), Government (10%), and Tourism (10%) indicate a higher likelihood of being unprepared to effectively handle cybersecurity incidents. Moreover, the study unveils that around 63% of participants noted a financial impact of at least US$1 million on their organizations due to cybersecurity incidents over the past year. Among them, 14% reported losses exceeding US$3 million. Concerns regarding regulatory action are also evident, with 33% disclosing that their organizations reported breaches to relevant authorities. Similarly, 26% had to pay fines, and a similar percentage faced legal actions.

Talent Shortages and Varied Cyberattacks Pose Challenges

The study emphasizes that talent shortages remain a prevalent challenge in the region, with 60% of respondents citing a lack of skilled personnel as a hindrance to cybersecurity preparedness. The report also delves into the types of cyberattacks faced by businesses, including web attacks, phishing, Distributed Denial-of-Service (DDoS) attacks, insider threats, and stolen credentials. The primary goals identified for these attacks were planting spyware, financial gain, data exfiltration, and ransomware. Notably, the top three challenges reported by cybersecurity decision makers and leaders are securing a hybrid workforce (51%), defending against cyberattacks (48%), and implementing Zero Trust principles (42%).

Quantity vs. Effectiveness of Cybersecurity Solutions

Many respondents revealed having between six and 15 cybersecurity products in their architecture, while larger organizations had even more, often exceeding 20. However, managing multiple solutions seems to have negatively impacted effectiveness, as organizations with fewer solutions (less than 15) experienced fewer cybersecurity incidents compared to those with more solutions. Furthermore, organizations with fewer solutions demonstrated quicker incident resolution times.

Anticipated Budget Increases for Cybersecurity

In the last year, 53% of participants allocated between 11% and 20% of their total IT budget to cybersecurity, while 28% allocated more than 20%. Healthcare, Transportation, and Finance were the industries that allocated the most resources to cybersecurity, while Education, Gaming, Government, and Manufacturing invested the least. Looking ahead, 67% of respondents expect their cybersecurity budgets to increase in the next year, with 22% planning to maintain their current spending levels.

A Holistic Approach to Cybersecurity

In light of the findings, Jonathon Dixon, Vice-President and Managing Director for Asia Pacific, Japan, and China at Cloudflare, emphasized that while preparedness is crucial, organizations are grappling with an increasingly complex and volatile cybersecurity landscape. He stressed the importance of cultivating a strong security culture that empowers business leaders to view cybersecurity as a strategic imperative. Dixon advocated for technological and cost consolidation, underscoring that the solution is not merely increasing spending or adding more products. He believes that building a robust and manageable cybersecurity infrastructure can lead to reduced expenses while maintaining strong protection.

Cloudflare’s Role in Asia Pacific Cybersecurity

Prominent organizations in the Asia Pacific region, including Envato, JCB, and Melbourne Airport, have turned to Cloudflare for their cybersecurity needs. These organizations appreciate Cloudflare’s cloud-native approach and its ability to provide secure and effective access to company resources for their global workforce. Ross Simpson, Senior Principal Security Engineer at Envato, highlighted Cloudflare’s effectiveness as an alternative to traditional access controls.

For further insights from the APAC Cybersecurity Study, the whitepaper can be downloaded here.