New research found more than seven in ten (71%) IT decision-makers feel the government should be doing more to protect Singaporean businesses from cyber-attacks.
Fifty-nine per cent of Singaporean IT decision-makers say they are confident they understand their organisation's responsibilities regarding government reporting of cyber incidents and data breaches.
Jacqueline Jayne, security awareness advocate for APAC at KnowBe4, says the data suggests that Singaporean IT leaders and businesses are not feeling supported by the government when it comes to security issues.
“There is more education required for those in IT about their obligations and commitments but also of the general public about how to stay safe online both at home and at work,” she added.
What the government should be doing
- Providing more education and awareness to all our citizens about the cyber risks and how to stay safe online (44%),
- Providing more training for Singaporean businesses on cyber risks (47%), and
- Providing more funding for Singaporean businesses for cyber protection (40%).
Who is responsible?
Jayne says cyber threats are so pervasive that keeping individuals and businesses safe requires a combined effort from the government, business leaders, IT departments and employees alike. “There is no panacea or magic technology solution that will protect your business. Everyone needs to be educated about potential threats and how to avoid them,” she added.
- Fewer than half (46%) of Singaporean IT decision-makers believe that it is everyone’s responsibility to protect the organisation from cyber-attacks.
- 34% believe it is the IT department’s responsibility (13% higher than office workers),
- 24% believe it is the employee’s responsibility,
- 25% believe it is the government’s responsibility, and
- More than a quarter (28%) say technology should be protecting the organisation from cyber-attacks.
Furthermore, 74% of those who are planning on investing in/spending money towards cyber security in 2022 feel that government should be doing more to protect Singaporean businesses from cyberattacks, including, providing more training for Singaporean businesses on cyber risks (51%) and providing more funding for Singaporean businesses for cyber protection (41%).
The employee view:
Given the IT department’s lack of clarity, it is unsurprising that employees are also unaware of who is responsible for cybersecurity:
- One in four (23%) say technology should be protecting the organisation from cyber-attacks,
- 12% believe it is the employee’s responsibility,
- 21% believe it is the IT department’s responsibility, and
- 9% believe it is the Government’s responsibility.
However, training regarding cyber security impacts employees’ views and makes them more likely to take responsibility for their own role in keeping the organisation safe. Those who have received training are more likely to believe it is everyone’s responsibility (67%) compared to those who have not received training (55%).
While in contrast, those who have never received training are more likely to believe that it is the IT department’s responsibility (30% compared to 16%).
