Research* commissioned by Cohesity, an AI-powered data security and management provider, has revealed increasingly sophisticated and frequent cyberattacks are forcing most companies in Singapore and Malaysia to pay ransoms because they can’t recover their data and restore business processes.
The research, which polled 504 IT and security decision-makers in Singapore (SG) and Malaysia (MY), shows that companies firmly operate in a ‘when’ not ‘if’ reality of cyberattacks, with the majority of respondents’ organisations falling victim to a ransomware attack in the last six months. Almost all said the threat of cyberattacks to their industry has or will increase in 2024 - and most have paid a ransom in the past 12 months.
Seven in 10 (70%) respondents said their company had been the ‘victim of a ransomware attack’ in 2024, with close to two-thirds (65%) of Singaporean respondents and over three quarters (77%) of Malaysian respondents saying their organisation had been a victim. Respondents expect the cyberthreat landscape to get worse in 2024, with almost all (SG: 91%, MY: 97%) respondents saying the threat of cyberattacks to their industry will increase or had increased this year. Nearly half (47%)[1] said it had or will increase by over 50%.
Respondents also revealed that keeping their organisations’ cyber resilience and data security strategies up to speed with the current threat landscape is challenging, with four in 10 (41%) respondents saying they do not have complete confidence in their company’s cyber resilience strategy and its ability to ‘address today’s escalating cyber challenges and threats’[2].
Further reflecting the current cyberthreat landscape and need for cyber resilience, over nine in 10 (SG: 92%, MY: 95%) said their company had stress-tested their ‘data security, data management, and data recovery processes or solutions’ in the past year, with six in 10 (SG: 56%, MY: 67%) testing their processes or solutions in the last six months.
Cyber resilience - including companies’ ability to recover their data and restore business processes when they suffer a cyberattack - remained a challenge, threatening business continuity, according to respondents:
- Only 3% of respondents said they could recover data and restore business processes within 24 hours (SG: 5% | MY: 1%)
- 24% said their company could recover data and restore business processes within three days (SG: 26% | MY: 20%)
- 34% said they could recover and restore in four to six days, while 25% need up to two weeks (four to six days: SG: 31% | MY: 38%; one to two weeks: SG: 24% | MY: 28%)
- Thirteen percent needed over three weeks to recover data and restore business processes (SG: 13% | MY: 11%)
Conversely, when asked what their organisation’s ‘targeted optimum recovery time objectives (RTO) to minimise business impact in the event of a cyberattack or incident of compromise’ was, 97% of respondents responded ‘within a day’ despite only 3% saying they could recover data and restore business processes within such a period.
One-third (34%) said their targeted optimum RTO was within an hour (SG: 33%, MY: 36%), which conflicts with the 4% (SG: 5%, MY: 1%) who said their organisations’ tolerance to disruption of business continuity and downtime due to a cyberattack or data breach was within 24 hours. In fact, 34% said their tolerance was up to three days, and 53% said four to six days. Another 8% said it was more than a week.
Over 82% (SG: 80%, MY: 85%) of respondents said their company would pay a ransom to recover data and restore business processes, while 11%[3] said ‘maybe, depending on the ransom amount.’ Close to six in 10 (59%) Singaporean respondents and almost three quarters (74%) of Malaysian respondents said their company would be willing to pay over US$1 million to recover data and restore business processes, with 16% and 22% respectively saying their company would be willing to pay over US$5 million.
Moreover, the importance of being able to respond and recover is underscored by 69% (SG: 64%, MY: 76%) of respondents revealing their organisation had paid a ransom in the last year, despite close to three quarters (74%)[4] of respondents saying their company had a ‘do not pay’ policy. Of the 64% of Singaporean respondents who had paid a ransom in the last year, 36% paid US$500,000 or more in ransom payments, while 47% paid a ransom(s)[5] of between US$100,000 and US$499,999. In comparison, 27% of the 76% of Malaysian respondents who had paid a ransom in the last year paid US$500,000 or more in ransom payments, while 54% of this group paid a ransom(s) of between US$100,000 and US$499,999.
“The unfortunate reality for organisations is that destructive cyberattacks, like ransomware or wiper** attacks, are the largest threat to their business continuity. However, organisations can face this reality head-on by enhancing their cyber resilience - the ability to rapidly respond and recover from cyberattacks or traditional business continuity scenarios - by adopting modern data security, response, and recovery capabilities,” said James Blake, Global Cyber Resilience Strategist, Cohesity.
“It’s not earth-shattering that organisations are being hit with cyberattacks. But what is of major concern is that 69% of respondents said their organisation had paid a ransom, with many breaking their ‘do not pay’ policies, because they either can’t recover their data and restore business processes, or overestimate their cyber resilience capabilities.”
Four in 10 (42%) respondents said their centralised visibility of critical data between IT & security could be improved (SG: 46%, MY: 35%). When asked about their data access control measures to align with zero trust security principles, two in three companies or fewer said they have deployed multifactor authentication, separation of duty controls, or role-based access controls:
- Multifactor authentication (MFA): 66%[6]
- Quorum controls or administrative rules requiring multiple approvals: 57%[7]
- Role-based access control (RBAC): 55%[8]
“The first step in achieving cyber resilience is managing and securing access to the business-critical data that must be recovered from to restore business processes, when suffering a cyberattack. The fact that just over two in three have one of the three most important data access controls deployed, demonstrates the significant risk that Singaporean & Malaysian companies have in being able to recover as fast as possible,” said Sathish Murthy, Director of Systems Engineering, Cohesity ASEAN & India.
Despite governments and public institutions going to great lengths to encourage more robust cybersecurity, data protection, and data privacy, only 56% (SG: 47%, MY: 69%) of respondents said they had all the IT and security technology capabilities to identify sensitive data and comply with applicable data privacy laws and regulations. Respondents also revealed that the benefit of advanced threat detection, data isolation, and data classification stretches beyond capabilities, with 88% saying these are vital for qualifying for cyber insurance, or securing discounts on policies.
When asked ‘What, if any, industries and/or sectors do you think are most impacted by cyberattacks?’, respondents selected these industries and sectors as the ‘Top 7’:
Singapore:
- IT & Technology - 57%
- Financial Services (including insurance companies) - 36%
- Telecommunications & Media (including streaming services) - 36%
- Banking & Wealth Management - 35%
- Government & Public Services - 32%
Malaysia:
- IT and technology - 68%
- Banking and wealth management - 37%
- Financial Services (including insurance companies) - 34%
“Cyber resilience is non-negotiable because the motivation of attackers is so high and attack surfaces are so wide, a complete belief in protective controls is unrealistic,” said James Blake, Global Cyber Resilience Strategist, Cohesity.
“Successful cyberattacks and data breaches severely impact business continuity, including revenue, companies’ reputation, and customer trust. This reality should keep business leaders, not just IT and security leaders, awake at night. Regulation and legislation should not be the ‘ceiling’, but instead a high ‘floor’, in developing cyber resilience, and adopting data security best practices or capabilities.”
When it comes to cybersecurity, eight in 10 respondents (SG: 76%, MY: 85%) said their organisation had responded to what they believe to be AI-based cyberattacks or cyber threats in the past 12 months. Despite being challenged by these attacks and threats that leverage AI, 89% (SG: 90%, MY: 88%) said they had the ‘necessary AI powered solutions to counter and respond to these attacks’. Of the 20% who said they had not responded to AI-based cyberattacks or cyberthreats in the past 12 months, over half (55%)[9] said they have the ‘necessary AI powered solutions to counter and respond to these attacks’, close to three in 10 said they do not, and 16%[10] said they were unsure.
*The findings are based on a survey of 302 Singaporean and 202 Malaysian IT and security decision-makers. It was commissioned by Cohesity and conducted by Censuswide between late June and early July. Survey respondents were polled separately in Singapore and Malaysia.
**Wiper attacks destroy the data instead of allowing the data to be retrieved if a ransom is paid.
[1] SG: 49% | MY: 44%
[2] Respondents were provided with the NIST definition of cyber resiliency at the start of the survey: “The ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources. Cyber resiliency is intended to enable mission or business objectives that depend on cyber resources to be achieved in a contested cyber environment.”
[3] SG: 12% | MY: 9%
[4] SG: 71% | MY: 78%
[5] Respondents were asked to select the ransom amount they had paid within the last year, or if they had paid multiple ransoms to select the total amount of the ransoms they had paid.
[6] SG: 67% | MY: 64%
[7] SG: 60% | MY: 53%
[8] SG: 58% | MY: 51%
[9] SG: 56% | MY: 53%
[10] SG: 16% | MY: 13%