Palo Alto Networks survey identifies increase in digital transactions with third parties, unmonitored and unsecured IoT devices and access from personal devices and home networks as key threat vulnerabilities.
Palo Alto Networks has published its 2023 State of Cybersecurity ASEAN report, which found that larger businesses within ASEAN faced increased security risks from unsecured IoT devices and new found risks from their increased reliance on cloud-based services.
OT cybersecurity continues to remain a top concern in the region since 82% of organizations with Operations Technology have a common cybersecurity team that look after their IT and OT infrastructure and systems.
The study received responses from 500 business representatives across Singapore, Malaysia, Indonesia, the Philippines and Thailand assessing their perspectives on the cybersecurity challenges and future strategies.
Even though the risk exposure to cyber threats is high with 52% organizations feeling they are at high risk from cybersecurity threats, 90% of the organizations across ASEAN are still confident in their adopted security measures.
However, small businesses felt relatively less confident in coping with the cybersecurity challenges due to constrained cybersecurity budgets and relatively weaker in-house cybersecurity talent.
Increasing digital transactions with third parties (51%), risks from unmonitored IoT devices (47%) and risks posed by personal devices and home networks accessing the corporate network (47%) were cited as the top three challenges facing cybersecurity practitioners.
But over 80% of all businesses say cybersecurity is being discussed at the board level on a quarterly basis and is top of agenda for most boards. This has resulted in 66% of all organizations increasing the budget allocated for cybersecurity in 2023.
Additionally, 29% of all organizations reported a more than 50% increase in budget for 2023 compared to that in 2022 – pitched as a very positive trend as more organizations across the region build resilience against cybersecurity threats.
While this confidence is reflected across industry sectors in the region, it is particularly apparent in the Services (Banking and Financial) as well as Transport and Logistics sectors.
“The confidence in their security measures indicates that businesses have and are continuing to build resilience against evolving cyberattacks.
However, the survey urges confidence to be coupled with caution. Taking a proactive approach to cybersecurity is the need of the hour which will need an all-hands-on-deck initiative with active participation from everyone within the organization,” said Steven Scheurmann, Regional Vice President for ASEAN, Palo Alto Networks.
Key findings from the report include:
Industry:
● ASEAN organizations face three main cybersecurity challenges:
○ Unmonitored IoT devices and unsecured IoT devices (60%)
○ Personal devices and home networks accessing the corporate network (47%)
○ Increase in digital transactions with third parties (47%)
● Most organizations with OT (82%) also admitted to having a common cybersecurity team that look after their IT and OT infrastructure and systems.
● A majority of businesses claim to be working on a 5G strategy, but are concerned with securing 5G data and applications layers
Cybersecurity risks:
● An alarming 95% of organizations said there is a rise in cybersecurity incidents and that disruptive attacks have grown
● More than half (52%) organizations in ASEAN feel that they are at high risk from cybersecurity threats, particularly those in the Services (Banking and Financial), Essential Services and Manufacturing sectors
● Malware is a top concern across 60% of organizations
Boardroom discussions and cybersecurity budget:
● Over 80% of all ASEAN organizations say cybersecurity is discussed at the board level on a quarterly basis.
● 66% increased their cybersecurity budget for the year 2023
● 29% reported an increase of more than half of their 2022 budget
Security outlook:
● More than half (53%) ASEAN organizations are thinking of adopting AI integration as the top technology to mitigate cyber risks
● Three key cybersecurity strategies being considered:
○ Cloud security adoption (44%)
○ Identity and access management (40%)
○ Securing IoT/OT (40%).
● Endpoint protection and SASE strategy are other areas organizations focus on.
AI integration is the top technology businesses are adopting soon.
Telco/Tech/Communications businesses are most interested in AI adoption across the region and is expected to grow at a faster pace in the coming years.
As customers expect cybersecurity firms to leverage AI to serve them better, Malaysia and Singapore are showing higher interest in deploying Big Data/data lake applications.
“Attackers are constantly evolving and many SMEs see security as a point-in-time initiative — they are not updating their security capabilities to keep up with attackers. In many parts of ASEAN, SMEs form the backbone of our economies. It is imperative for them to update their security capabilities and an actionable incident response plan is the first step towards redefining their security strategy along with a greater emphasis on automation of existing cybersecurity processes to foster resilience and confidence, said Scheurmann.
The survey was conducted online in April 2023 with 500 corporate IT decision-makers and business leaders across five key industries in ASEAN: Services (Banking, Financial), Government/Public Sector/ Essential Services, Telco/Tech/Communications, Retail/Hotel/F&B, Transport and Logistics, and Manufacturing. There were 100 respondents each from Singapore, Malaysia, Indonesia, the Philippines and Thailand.
Click below to share this article