Fortinet has revealed additional findings from this year's global enterprise security survey, including a confidence in IT security measures among organisations despite having been breached.
The survey, which recorded 1,801 respondents across 16 countries globally, found 48 percent of APAC IT decision makers (ITDMs) at organisations with more than 250 employees to be confident of their security posture, despite 86 percent having been breached in the past two years.
82 percent of the APAC IT decision makers surveyed believe they are doing better than their peers in terms of cybersecurity, according to the survey, while only 6 percent believe they are lagging behind.
Respondents said 33 percent of breaches in the last two years were the result of social engineering, ransomware, and email phishing.
When asked what they would have done differently over their security career, 46 percent of the APAC ITDMs said they wish they'd invested more in employee security awareness training to prevent a security breach.
In 80 percent of breaches, Fortinet found that an APAC company board blames the IT department -- with 34 percent blaming an individual and 47 percent blaming the whole department. Employees outside the IT department get blamed in 30 percent of breach incidents, the report added.
Fortinet highlighted that responsibility for a breach should extend to the rest of an organisation, not just an IT department, heightened through the use of BYOD and IoT, cloud-based applications, and shadow IT across an organisation.
73 percent of APAC businesses are planning employee IT security education programs in 2018, Fortinet added. However, security measures such as network segmentation to reduce the spread of malware are being planned by only 26 percent of the APAC businesses next year.
Fortinet's report, originally released in October, revealed that 44 percent of ITDMs surveyed believe cybersecurity still is not a top priority at boardroom discussions.
Some 86 percent of organisations in the region had suffered a security breach over the past couple of years, including 48 percent that experienced some form of malware or ransomware attack, the survey revealed.
The aftermath of high-profile global attacks, such as WannaCry, also had put higher focus on IT security, with 58 percent noting that such incidents would highlight security as a priority among board members.
PREVIOUS AND RELATED COVERAGE
The region's preparedness to ward off cyber attacks and fight cybercrime is growing, but so are the threats, according to a new report from one of Australia's leading think tanks.
Suspected to have originated from a 2014 attack, the breach is estimated to affect 46.2 million mobile numbers and compromise data such as home addresses and SIM card information.
Some 86 percent of Asia-Pacific businesses have experienced a cybersecurity breach in the last two years, but just 44 percent believe security still is not a top discussion point for their board members.
8 steps to take within 48 hours of a data breach (TechRepublic)
A slow response to a data breach can mean even bigger problems for a company. Here are eight quick actions to take as soon as you find out your business has been hacked.
Data breaches can be chaotic and stressful episodes. Learn the most effective actions you can take to help plan for these turbulent events.