An online survey of 400 IT executives in ASEAN revealed that 73% of organizations increased their investment in cybersecurity between 2019 and 2020. Commissioned by Palo Alto Networks, the survey included respondents from Indonesia, Singapore, the Philippines and Thailand.
Attacks trigger rise in cybersecurity spend
The growing volume in cybersecurity attacks is cited by 68% of respondents as primary reason for raising budgets. Surprisingly only 29% confirmed having experienced a cyber breach in 2019.
Figure 1: Cybersecurity budget trends across the region
Among the 5% of organizations that plan to reduce their cybersecurity spending, they cited the lower likelihood of breaches, based on their observations from the previous year, and a reordering of their IT budgeting priorities.
The latter reason reaffirms the impact of COVID-19 on overall business operations. If mapped against IDC’s COVID-19 Tech Index, investments in new technologies such as cloud, the IoT and AI will likely remain unchanged, or even grow in 2020.
“It’s encouraging to see that interest in integrating automation is partly driving cybersecurity investments in Singapore. This underscores businesses’ growing awareness on the importance of preventing successful cyberattacks that have the potential to disrupt businesses, as we’ve seen in recent years,” said Teong Eng Guan, vice president, ASEAN, Palo Alto Networks.
Reflecting on the ongoing presence of COVID-19, he cautioned that businesses will now need to navigate the newfound risks brought about by remote work and other COVID-19-themed threats. This will require a relook at cybersecurity existing strategies and investments.
Confidence on cybersecurity strategy
The State of Cybersecurity in ASEAN in 2020 report noted that respondents felt assured that their organisation’s cybersecurity measures will protect it from threats. Up to 64% believed the risk of exposure to attacks as low to moderate. The survey noted that 79% of respondents outsourced their cybersecurity or IT functions to a managed security service provider (MSSP).
Where cyberthreats are coming from
Despite growing confidence in their cybersecurity posture, 58% still believe that they remain vulnerable to attack.
Network threats and malware were seen as the main dangers across the region.
There were, however, some significant differences across the region. For example, 46% of Thai respondents saw network threats as the most dangerous, whereas none seemed particularly worried by ransomware. In contrast, 19% of Singaporeans and 16% of Indonesians saw ransomware as a big danger. Software and IoT vulnerabilities and cloud threats were also seen as significant risks among all organizations surveyed.