Singapore most exposed, but also most prepared in cybersecurity: Deloitte

Singapore faces the highest cybersecurity risk in Asia-Pacific due to its high internet adoption rate, but it is also the most prepared to deal with it in terms of policies and organisational readiness. On the other end of the spectrum, Indonesia faces the least risk exposure and is also the least prepared to handle cybersecurity incidents.

And there is value in being ready to face such threats -- in fact, it's to the tune of an additional $145 billion to the region's GDP over 10 years, according to Deloitte's Cyber Smart Index. Businesses that are confident that cyber risks can be effectively managed are more willing to invest in technology, hence, improving productivity and fuelling growth in the industry. 

See also

Singapore sets up committee to review public sector data security, but stands firm on PDPA exemption

Following several breaches involving government entities, Singapore's prime minister has assembled a committee to review data security practices in the public sector, but the government stands firm on excluding these agencies from the country's Personal Data Protection Act.

Read now

Commissioned by VMware, the report was based on the analysis of Deloitte's cyber consultants who assessed the level of cyber risk exposure and readiness based on several components including size of attack surface, frequency of attacks, sophistication of the legislative environment, organisational capability to respond to cyber threats, and the extent of best practices deployed in the country. The report examined 12 markets across the Asia-Pacific region, including Australia, Japan, India, Thailand, and the Philippines.

Across the board, the region scored 56 out of 100 in terms of cyber preparedness, signalling significant room for improvement. 

Faced with high cyber risks, the Deloitte report noted that Singapore had rolled out a nationwide security masterplan and introduced programs such as the Co-Innovation and Development Proof of Concept to provide seed funding and support developments in the sector. The Monetary Authority of Singapore also introduced a $30 million grant to encouraged financial services companies to enhance their security measures. 

Australia, assessed to be fourth-most exposed and third-most prepared, put strong emphasis on higher education and scored particularly high on cybersecurity education and R&D investment, according to Deloitte. The education sector, however, also had some of the world's most profitable players and this was contributing to its cyber threat, noted the report, pointing to the rapid digitisation of the country's education systems and e-learning growth. These made its education sector the most frequently targeted education domain globally, it said. 

Deloitte further underlined the need for governments to look at broader governance frameworks to support their cyber strategies, encompassing elements such as risk management, training, risk culture and behaviour, as well as policies and standards for cybersecurity such as information privacy and protection. 

Deloitte Access Economics in Australia's partner John O'Mahony, who is the report's lead author, said: "The challenge for policy makers is to build a comprehensive legislative framework and environment that protects businesses from cybersecurity risks, whilst allowing them to innovate and maximise the potential of digital technologies. 

"We see interest from government, business owners, and vertical experts in building a cyber smart Asia-Pacific that we estimate can unlock as much as 0.7% or $145 billion additional GDP growth for the region over the next 10 years," O'Mahony said. 

VMware's senior vice president and Asia-Pacific Japan general manager, Duncan Hewett, added that exposure to cyber attacks would increase as nations aimed to become digital economies. This underscored the need for them to be prepared to mitigate the risks to organisations and minimise the potential costs of an attack, he said. 

Hewett said: "Based on what we have seen in the region, businesses with an established cybersecurity strategy in place have confidence to invest in new technologies which can lead to higher levels of capital investment and productivity growth."

RELATED COVERAGE

• Singapore to introduce security label for smart home devices
• Singapore government pledges to improve data security with new measures
• Singapore's public sector to adopt new measures to tighten data security
• APAC firms must transform cybersecurity approach
  
• Singapore updates guidelines on data breach notification and accountability
• Lack of collaboration, disclosure affecting APAC security posture
  
• Singapore arms up on cyberdefence experts, opens cyberdefence school
  
• Singapore to offer bug bounty, set up Asean cybersecurity centre
• Singapore sees drop in common security threats, but foresees more data breaches