Most APAC firms have suffered breach, but security still not priority at board level

Some 86 percent of Asia-Pacific businesses have experienced a cybersecurity breach in the last two years, but just 44 percent believe security still is not a top discussion point for their board members.
Written by Eileen Yu, Senior Contributing Editor

Most businesses in Asia-Pacific have experienced a security breach, but 44 percent of IT decisions makers believe cybersecurity still is not a top priority at boardroom discussions.

Some 86 percent of organisations in the region had suffered a security breach over the past couple of years, including 48 percent that experienced some form of malware or ransomware attack, revealed an online survey conducted by Fortinet.

Despite the level of attacks, almost half felt that IT security was not a top discussion point for their company's board members. The apparent lack of emphasis, however, did not impact budgets as 64 percent said they allocated at least 10 percent of their IT expenditure towards security. Another 73 percent said their IT security budget had increased from the previous year.

Almost 80 percent believed board members should place cybersecurity under greater scrutiny, according to the study, which polled 601 respondents in Asia-Pacific, including Singapore, Australia, India, and Indonesia.

In particular, they pointed to their company's move to the cloud as part of its digital transformation would drive the need to make security a bigger priority. Eighty percent of Asia-Pacific respondents said cloud security was increasing in importance and becoming a top priority for the board. Some 55 percent said their company was planning to invest in cloud security over the next year.

The aftermath of high-profile global attacks, such as WannaCry, also had put higher focus on IT security, with 58 percent noting that such incidents would highlight security as a priority among board members.

Another 37 percent believed that increased pressure to comply with legislations, such Europe's upcoming GDPR (General Data Protection Regulation), would drive higher awareness at the board level about security.

Patrice Perche, Fortinet's senior executive vice president of worldwide sales and support, said: "As organisations now embrace digital transformation and turn to technologies like the cloud, cybersecurity is no longer just an IT investment but a strategic business decision. In today's digital economy, I expect the trend we've seen at the board level to accelerate with security being treated as a top priority within an organisations' broader risk management strategy."

Editorial standards