When it comes to cybersecurity, most enterprises in Asean are opting to stick with the tried-and-tested and familiar. There is, however, growing interest in comparatively newer tools such as software-defined wide area network (SD-WAN) security systems.
Antivirus or antimalware tools remained the most popular cybersecurity choice for enterprises in the region, with 71% deploying these applications, revealed a Palo Alto Networks study released Thursday. The online survey was conducted in February 2020 at the start of the COVID-19 outbreak, before safe distancing measures were rolled out, with 100 respondents each from four Asean markets: Singapore, Indonesia, Thailand, and the Philippines.
These businesses also were rolling out comparatively newer and more advanced options, with 58% implementing cloud native security platforms and 55% turning to SD-WAN infrastructures. Half had rolled out next-generation firewall, while 42% and 40% implemented encryption and anti-ransomware applications, respectively.
SD-WAN security was particularly popular in Singapore, where 62% -- the highest across the region -- had implemented such systems, noted Palo Alto. In fact, 31% had deployed 5G security for Internet of Things (IoT), in anticipation of the network's rollout next year.
Some 79% in the city-state also indicated an increased in their cybersecurity budgets between 2019 and 2020, with 53% dedicating at least half of their company's IT budget towards cybersecurity.
The move to push up their security spending was fuelled by growing volume of attacks, as cited by 71% of Singapore respondents, while 58% pointed to the increased sophistication of threats and 51% revealed a need to upgrade existing infrastructures to facilitate automation.
Across the region, 73% said their security budgets had expanded, with 46% setting aside more than half of their total IT spending towards cybersecurity.
Amongst 5% that chose to reduce their security spending, the majority pointed to the lower likelihood of breaches -- based on their experience from the previous year -- and a restructuring of their IT budgeting priorities.
Palo Alto, however, noted that spending on cybersecurity could change as businesses reviewed the impact of the coronavirus outbreak.
"In light of the COVID-19 pandemic, businesses will now need to navigate the newfound risks brought about by remote work and other COVID-19-themed threats," Palo Alto Networks' Asean vice president Teong Eng Guan said. "This will require a relook at cybersecurity existing strategies and investments."
Across the four markets, 96% said they reviewed their cybersecurity policies and standard operating procedures (SOPs) at least once yearly, while 82% checked to ensure their computer software was updated at least once monthly. Another 94% supported the need for mandatory breach reporting.
With threats growing, though, 58% acknowledged their organisation remained vulnerable to attacks. Some 48% said the lack of security awareness amongst employees as a top challenge, while 43% pointed to risks from third-party providers and suppliers. Another 32% were concerned about the lack of understanding within the management team about the importance of cybersecurity.
Teong said: "Challenges around the 'people' factor of cybersecurity are set to remain in Asean, as employees log in from home networks. Many parallels can be drawn with how we're dealing with the global pandemic, as we now navigate the resumption of our daily lives cautiously, businesses, too, will need to be more vigilant and extra cautious as they adapt and evolve their cybersecurity approach.
"As organisations roll out more cloud-based applications and connectivity tools to support a distributed workforce, we also need to be careful about the partners and suppliers they're connecting to and sharing data with, now more than ever."
- COVID-19 fuels cyber attacks, exposes gaps in business recovery
- Majority of firms concerned about public cloud security, most have suffered breach
- Remote workers in Singapore aware of security rules, but still break them anyway
- Cyber accounts for 26% of all crimes in Singapore
- APAC firms look to edge for faster response but worry over data security
- Singapore updates guidelines on data breach notification and accountability
- Most Singapore firms experienced data breaches, worried over 5G deployments