Palo Alto Networks, the global cybersecurity leader, unveiled new research examining businesses’ attitudes towards cybersecurity across several markets in Southeast Asia, including Indonesia, Singapore, the Philippines and Thailand. Conducted in early February 2020 before the global escalation of COVID-19, the survey found that in addition to increasing their cybersecurity budgets, many companies in Singapore are also feeling more confident in their ability to mitigate cyberthreats.
Cybersecurity investments are responding to the rise in attacks
With 2018 and 2019 seeing a number of high-profile breaches and cyberattacks in Singapore, it is unsurprising that almost 4 in 5 companies (79%) increased their cybersecurity budget between 2019 and 2020. More than half (53%) of companies here also reported allocating over half their organisation’s IT budget to cybersecurity spending. This initial increase in budget was mainly attributed to the growing volume (71%) and sophistication (58%) of threats, as well as a need to upgrade existing frameworks to incorporate automation (51%).
“It’s encouraging to see that interest in integrating automation is partly driving cybersecurity investments in Singapore. This underscores businesses’ growing awareness on the importance of preventing successful cyberattacks that have the potential to disrupt businesses, as we’ve seen in recent years,” said Teong Eng Guan, vice president, ASEAN, Palo Alto Networks. “However, in light of the COVID-19 pandemic, businesses will now need to navigate the newfound risks brought about by remote work and other COVID-19-themed threats. This will require a relook at cybersecurity existing strategies and investments.”
Familiar tools remain popular but interest is turning towards newer solutions
Companies in Singapore continue to rely on popular solutions such as anti-malware and antivirus software (61%) like other countries in ASEAN. However, the interest around more holistic and advanced tools is growing as companies adapt their cybersecurity strategies to meet the evolving needs of the business landscape.
Software-defined wide area network (SD-WAN) security (62%) was reported as the most popular solution amongst Singapore companies as a means of maintaining visibility into ever-expanding, complex digital networks. SD-WAN solutions are gaining momentum as more companies look to connect more offices and employees securely to cloud applications and resources.
Likewise, over half of businesses (54%) are already investing in cloud-native security in line with Singapore’s role as a regional business and innovation hub and a mature cloud market. The figure is only set to grow with the Government’s recent commitments to increase public sector investment in ICT and the bigger push for more small and medium-sized enterprises to go digital post-COVID-19. A similar proportion have also started leveraging next-generation firewalls (54%) as well.
In preparation for an impending rollout next year, 31% have also already ventured into 5G security for IoT.
Accountability and visibility have bolstered confidence
Perhaps bolstered by their increased investments in cybersecurity, the majority of Singapore companies (66%) regard their organisation’s risk to cyberthreats as “low” to “moderate”. Overall, Singapore companies were the second most confident of the four countries surveyed with 75% believing that their current security measures are capable of protecting them from existing cyberthreats.
This confidence can be attributed to a number of factors besides increased spending. Most (70%) companies in Singapore reported using a managed security service provider (MSSP) to handle IT and cybersecurity responsibilities.
Businesses have also demonstrated a clear commitment to improving visibility when it comes to handling cybersecurity risks:
The vast majority (96%) of companies reported reviewing their cybersecurity policies and standard operating procedures at least once a year.
Singapore companies are strong advocates for transparency, with 91% supporting mandatory breach reporting, an expected result of recently announced guidelines by the Personal Data Protection Commission (PDPC).
A clear majority (81%) also check their organisations’ computers at least once a month to ensure that software is up to date.
No room for complacency
Despite the overall confidence, 3 in 5 respondents are still mindful that their organisation may be vulnerable to cyberattacks. Besides the potential impact of monetary losses, companies’ biggest concerns involve the loss of internal data (29%), which includes intellectual property and employee data, and external data (33%) such as customer payment information, as the biggest potential sources of damage in the event of a breach.
When asked to rank the biggest cybersecurity challenges within their companies, respondents identified the following:
Risks from third-party service providers and suppliers (49%)
The IT team’s need to manage other priorities (37%)
Lack of employee awareness on cybersecurity (36%)
“Singapore companies are being confronted by new cyber risks and perennial threats, which leave cybersecurity teams and the broader workforce with little choice but to adapt. The race is now on for businesses to leverage new tools such as automation and machine learning to close the gap as fast as they can,” said Teong Eng Guan, vice president, ASEAN, Palo Alto Networks.