Sophos, a global leader in next-generation endpoint and network cybersecurity, announced the findings of its report, The Future of Cybersecurity in Asia Pacific and Japan – Culture, Efficiency, Awareness, which reveals that the success of an organisation’s cybersecurity investment lies in more than buying technology, with corporate culture, employee education and path-to-purchase playing a critical role.
Across Malaysia, the majority (68 percent) of business decision makers believe lack of security expertise is a challenge for their organisation, with 72 percent observing recruitment of skills to be a struggle. This comes down to the set-up of cybersecurity within organisations, which commonly sees IT staff tasked with security in addition to their other responsibilities.
There is also a wider cultural issue, relating to attitude and behavior, impacting corporate cybersecurity. In fact, 92 percent of Malaysian organisations believe the biggest challenge to their security in the next 24 months will be improving cybersecurity awareness and education among employees and leadership.
Drivers of change
More than half (59 percent) of organisations anticipate their use of external security partners to rise over the next 12 months. Organisations are increasing their number of partners in a bid to manage phishing, malware and ransomware threats, which were all highlighted as growing concerns by survey respondents.
However, the majority (68 percent) of Malaysian organisations are satisfied with their main security providers. As expected, organisations are most likely to consider new cybersecurity solutions or strategies after serious attacks or breaches, or to better support adoption of new technologies, products or services, according to the survey. They are also most likely to make changes to support regulatory or corporate compliance changes after a cybersecurity incident.
The role of the IT channel
Right now, organisations in Malaysia most commonly engage vendors for point solutions in traditional outsourcing/licensing contracts. However, in the next 24 months, organisations predict they will engage vendors and service providers on multi-year contracts for holistic solutions and licensing contracts – suggesting that the channel has an expanding role to play in businesses.
There is a growing requirement by Malaysian organisations for the channel to do even more. Two in five (37 percent) respondents want partners to demonstrate that they understand their business, and a further 39 percent are looking for partners to provide comprehensive end-to-end support.
“Security is hard. We all know it. Sophos’ survey highlights the constant challenge presented by the evolving security landscape and never-ending search for skills and best practices to help organisations overcome these threats. What does it really mean to ‘be secure’? Ultimately, security is about managing risk. To do that effectively, IT managers must be able to identify key areas where their team’s actions will have an outsized impact on protecting their organisation, employees and the data their company has been entrusted with,” said Chester Wisniewski, principal research scientist, Sophos.
Gavin Struthers, regional vice president for Asia Pacific and Japan, Sophos, said, “This research highlights the everyday struggles of organisations across APJ. Huge gaps exist in finding security expertise and in staying up to date with technology, and this represents a massive opportunity for the channel. To stay relevant, channel partners are encouraged to become more cybersecurity savvy while also passing on the expertise they learn from their trusted security vendors to their customers. Educating customers about best practices, about people and process, is just as important as leveraging innovative technologies to improve their organisation’s security posture.”