With the recent high-profile data breaches involving the likes of Love, Bonito, along with the recently updated guidelines on data breach notification and accountability by the Singapore government, business owners in Southeast Asia (SEA) are looking to invest more in cybersecurity.
According to Kaspersky’s Global Corporate IT Security Risks Survey (ITSRS), 79% of the respondents from the region have confirmed their plan to boost their IT security regardless of the return-on-investment, noting that it is better to be safe than sorry.
After interviewing IT business decision makers across the globe including nearly 300 in SEA, the study also showed that majority (96%) of the workstations located in the region have endpoint security solutions installed, a bit higher than the Asia Pacific average of 92% and the global score of 87%.
Interestingly, more than 1-in-10 of the security solutions being used by SMBs and enterprises in the region are free software. Another 19.5% of the participants admitted to using licenced solutions which are meant for home use only.
“It is commendable to know that more and more businesses in the region are seeing the value of beefing up their capability to fend off cyberattacks. The willingness to invest more is important, undoubtedly. However, it is still alarming that there are still some businesses which use either a free endpoint security or a solution intended for individual internet users only,” commented Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“Free endpoint solutions may offer protection against commonly known viruses, but such leave corporate systems open for the increasing and more damaging unknown and sophisticated threats. Business organisations’ networks are also more complex as compared with a basic home-based internet system. Adding in the weight of confidential information being processed and the complex data touchpoints in both SMBs and large companies, the use of free and individual software solutions can seriously put a business’ entire IT ecosystem at risk,” he explained.
In terms of the state of the IT workforce, nearly 4-in-10 (39.8%) businesses in SEA have two to nine people working on IT security. Some 6.7% noted that only one employee manages the business’ entire cybersecurity environment.
Conducted late last year, the survey also revealed that majority (78.3%) of the employees involved in IT security are specialist internal staff, while 21.4% were being outsourced from a support company. Another 11.7% are non-specialist internal staff.
Furthermore, the research conducted by the global cybersecurity company further unmasked that almost half (42%) of businesses in SEA are unsure in terms of effective strategies to combat complex threats.
“Let’s face it, data breaches can happen to anyone especially with more technological breakthroughs requiring businesses to transform digitally, as fast as they can. It is, however, not a curse but a challenge to take on. Endpoint solutions serve as the foundation of an organisation’s security infrastructure. Combining effective tools with an in-depth threat intelligence can help build a safer IT network for every type of company,” added Mr Yeo.
To help businesses in establishing their IT defences, Kaspersky experts recommend the following measures:
- Speak to all your employees about cybersecurity through cyberawareness training. You and all of your employees should gain an understanding of rules and expectations regarding everything from passwords to customer privacy, from physically securing technology to data classification.
- Assess your company’s cybersecurity risks when planning your budget. Consider the cost to the company and the probability of their occurrence.
- Rely on expertise. Decisions about the purchasing of cybersecurity tools or services should not be taken by one person. Before this stage, an expert analysis should be made that reveals the best option for the best price.
- Install comprehensive security software everywhere — servers, PCs, other connected devices such as Kaspersky Endpoint Security for Business which packs multi-layered features in one solution for a single purchase, including protection against exploits and file-less attacks and the industry’s most complete anti-ransomware feature set.
- Set up your endpoint solution to stay up-to-date and renew it on time.