An overwhelming 92% of Singapore companies in a new study reported experiencing significant psychological consequences following a cyberattack, ranging from worries over job security (44%) to loss of trust among colleagues (31%).
Moreover, about 39% of respondents reported leadership changes as a result of a cyberattack.
This is one of the key highlights of the new “The State of Data Security” study by Rubrik Zero Labs. Rubrik Zero Labs is the new cybersecurity research unit formed by Rubrik to analyse the global threat landscape and report on emerging data security issues.
Chris Krebs, a founding partner of the Krebs Stamos Group and chair of the CISO Advisory Board at Rubrik, observed organisations often overlook the psychological dimension of cyberattacks and the chaos that tends to follow after discovering an incident.
“The bad guys sure have figured it out, though, with criminals and state actors alike trying to generate emotional responses when they attack, as evidenced by the increase in criminal extortion efforts and hack and leak campaigns,” said Krebs.
In the end, IT and security leaders alike tend to take the blame for these cyberattacks, he added.
“One of the most effective techniques I’ve seen to prepare for these types of attacks is to accept you’re going to have a bad day at some point, and your job is to ensure that it doesn’t become a ‘worse day.’ This is why we need defenders across the spectrum to come together - sharing best practices, learnings after attacks, simulations, frameworks - so that we’re collectively strengthening our defences and minimising the psychological impact brought on by an attack,” said Krebs.
Shaken confidence
About 24% of leaders surveyed said their IT and SecOps teams were either somewhat or not at all aligned when it came to defending their organisations.
Survey results also find that organisations in Singapore are losing confidence in their ability to withstand cyberattacks with 95% of respondents worrying that they will be unable to maintain business continuity if they experience cyberattacks.
What’s more, almost a quarter of 23% of those polled believe their board of directors has little to no confidence in their organisation’s ability to recover critical data and business applications after a cyberattack.
Their low confidence to weather the impact of a cyberattack showed after two-thirds or 69% of survey respondents admitted their organisation is likely to consider paying a ransom following a cyberattack.
“It’s clear from this research that cyberattacks continue to produce large impacts against global organizations and the effects are compounding,” said Steven Stone, head of Rubrik Zero Labs. “In addition to this rise in frequency and impacts of cyber events, the individuals on the front lines are taking a psychological hit on their well-being.”
He added: “Trust is down and anxiety is up. Without a proactive and reliable approach to defend against modern cyber threats and strengthen confidence in an organisation’s ability to resolve these cyber events, these impacts - both human and organisational - will continue to worsen and feed each other. The good news is we’re also seeing pragmatic, proven strategies in this same space paying off and we can build off these approaches.”
One cyberattack per week
The study also finds Singapore companies are getting one cyberattack per week with only 9% of organisations able to return to normal operations within one hour of discovering the incident.
More than half or 53% of Singapore-based companies polled in the new “The State of Data Security” study by Rubrik Zero Labs reported a data breach in the past year, while 59% stated having faced a ransomware attack during the same time period.
The new “The State of Data Security, conducted by Wakefield Research, on behalf of Rubrik Zero Labs was conducted in the US, UK, France, Germany, Italy, Japan, Australia, Singapore, and India between July 18 and July 27, 2022.
It gathered insights from over 1,600 global security and IT leaders including CISOs, CIOs, VPs, and directors – including 125 respondents in Singapore.