The study surveyed 400 respondent organisations across the Asia Pacific with 100 coming from Australia, and included organisations from financial services, telecommunications, manufacturing, energy & utilities, retail, education and healthcare industries. Just over half were from Enterprise with the rest SMB. Three-quarters of the respondents were C-level executives and senior IT and security decision-makers.
The study found most APAC organisations (83%) did not think about cyber security while embarking on digital transformation projects. Although a majority (72%) conducted regular breach assessments to protect themselves against cyber attacks, 55% were still at risk. The study revealed that cloud was a key component of digital transformation (69% of respondents had adopted cloud) but most organisations thought cyber security was the responsibility of the cloud service provider.
The study revealed a big push towards digital transformation, with 95% having embarked on a digital transformation journey, adopting emerging technologies, including cloud computing, mobility, Internet of Things, and artificial intelligence/machine learning. However, most organisations (65%) acknowledged that they were seriously hampered in the execution of digital transformation projects due to rising cyberattacks.
Forcepoint specialises in network security that focuses on anomalous behavioural patterns of users in an effort to identify and curb fraud and data exfiltration. Senior director and security strategist Alvin Rodrigues said: “Organisations today need to urgently embrace 'secure-by-design' into their digital transformation projects. Adopting a behaviour-centric security approach that focuses on understanding users’ behaviour on the network and within applications to identify behavioural anomalies can mitigate cyber attacks before they happen.”
More findings included that cloud has become one of the key components which is leading digital transformation, with 69% adopting cloud. However, 54% were under the impression that their cloud service provider would take the full responsibility for security. Forcepoint believes that security and compliance are normally a shared responsibility between an organisation and the cloud service provider and that the “serious misconception” around responsibility of security in the cloud is resulting in a higher number of cyber attacks.
Forcepoint also believes that existing cyber security measures are not proving enough for enterprises to protect against cyber incidents. The findings demonstrate that the majority of organisations have taken measures to protect themselves against "cyber incidents", with 72% performing breach assessments at least once per quarter. Despite the readiness, 55% were at risk − either encountering a security incident or not doing any checks to assess if they had been breached.
Other key points:
- Thirty-five percent of APAC organisations suffered at least one cyber security incident in the last 12 months.
- On a country level, Indian (69%) and Australian (63%) firms were found to be most at risk of cyber attack.
- Digital transformation is accelerating among organisations, but 65% say their progress is hindered by cyber risks.
- Existing cyber security measures not proving enough for organisations to protect against cyber incidents – 35% of Asia Pacific firms suffered at least one such incident in the last 12 months.
Forcepoint believes there are many security blind spots prevalent in the industry, “The study reveals the impact digital transformation is having on each organisation’s risk posture. As more digital technology is built into business like cloud and mobility, it is opening each organisation up to more threats. Data exfiltration, impersonation — both theft of digital identity and online brand impersonation — loss of intellectual property and malware infection emerged as the top security blind spots for organisations rolling out digital transformation." These five incidents, the study states, have high levels of business impact and long recovery times.
The writer attended the Forcepoint conference in Malaysia as a guest of the company