New research has found that most (80%) of organisations in the Asia Pacific (APAC) region did not take cyber security into account until after starting digital transformation programmes.
The study’s concerning results showed that 55% of those organisations remained at risk, despite carrying out regular breach audits.
Frost & Sullivan Asia Pacific is the analytics firm that carried out the research for US cyber security corporation, Forcepoint. Industry principal at California-based Frost & Sullivan, Kenny Yeo, said:
“It is clear from this study that many APAC organisations are on the back foot when it comes to enterprise cyber security in the borderless organisation.”
“Security leaders need to look beyond perimeter security, leverage automation and have a better grasp of the psychology of both cyber criminals and their business users. Incorporating behaviour modelling into their IT security architecture is certainly a way to identify potential risks and fend off cyber attacks,” Yeo added.
This failure to conduct due diligence in the face of an increasing global cyber security threat comes as digital transformations continue across organisations in the APAC region. Transformation, whether through public cloud, mobility applications, IoT devices or AI is now taking place in 95% of firms in the global area.
Even so, 65% of respondent organisations in the study said they were being held back when it comes to transformation projects, with the rising tide of cyber-attacks being cited as a key culprit for delays.
A Forcepoint chief has blamed the shortcomings on the failure of APAC bosses to take cyber security seriously when initiating transformation projects. Alvin Rodrigues, senior director and security strategist at Forcepoint Asia-Pacific, said:
“Organisations today need to urgently to embrace ‘secure by design’ into their digital transformation projects. Adopting a behaviour-centric security approach that focuses on understanding users’ behaviour on the network and within applications to identify behavioural anomalies can mitigate cyber attacks before they happen.”
The research also showed that 69% of organisations have turned to cloud services, while 54% feel cyber security should be taken care of by their cloud service provider – an attitude at odds with the ethic of shared responsibility ethic that gives momentum to modern legislation in cyber security.
Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/