Singapore – 9 in 10 organisations in Asia Pacific have adjusted their cybersecurity strategy, following the customer confidence issues faced by 46% of companies in the region. This is according to a recent report by the computer and network security firm LogRhythm.
Data from the findings further revealed that 85% of security executives rated their cybersecurity defence as good or excellent, 72% of the companies indicated they have lost deals due to customer confidence issues stated that it occurred within the last 18 months.
This disparity underscores a disconnect between security executives and their customers on the effectiveness of their cybersecurity defence, indicating gaps in meeting customer expectations for data protection.
Moreover, it was also noted that 98% of respondents in APAC emphasised that they have changed their company security strategy in the last 12 months to combat the dynamic threat landscape.
One of the primary reasons involved in this change involves the utilisation of artificial intelligence for threat management and new security solutions (77%), citing Indonesia at 86% as the leading country for this trend.
Apart from these reasons, the report also observed that changing regulations or compliance requirements (66%), new attack types (58%), and budget changes (48%) are among them.
The study further unveiled an increasing demand for senior leaders to be accountable for security breaches, with 80% stating that cybersecurity leaders and CEOs should ultimately bear the responsibility for protecting against and responding to cyber incidents.
Interestingly, although executives are now expected to bear greater responsibility for cybersecurity breaches, a communication gap is said to exist between security teams and non-security executives. Despite the difference, it further indicated that 90% possess the right tools to easily communicate the current security status to key stakeholders across teams, higher than the global average of 81%.
In addition, an average of 84% of APAC respondents have also noted an increase in their company’s cybersecurity budget in response to the changing threat landscape, higher than the global average of 76%. Around 84% further stated confidence in having the necessary resources to protect their company from cyberattacks.
In evaluating the impact of these investments, security teams, who encounter difficulties in explaining the need for a particular security solution to non-security stakeholders, often overlook reporting on key operational metrics that determine the measurable impact of security investments and strategy adjustments.
In particular, security reports primarily focus on critical data such as breaches (75%), incidents (68%), and security risks (67%). Security operational metrics, such as time to detect (57%), time to respond (63%), and time to recover (47%), are featured less significantly in these reports.
Talking about the study, Andrew Hollister, chief information security officer at LogRhythm, said, “The evolving role of cybersecurity leadership reflects a fundamental shift in how organisations view and manage cyber risk. Today’s threat environment demands a collaborative approach, with senior executives working hand-in-hand with security professionals to understand the risks, make well-informed strategic decisions, and allocate the necessary resources to safeguard the organisation and its clients.”
Yen Nee Si, country manager for Asia at LogRhythm, also stated, “Our latest research reflects the ambitions of APAC organisations to keep pace with the region’s advanced digitization efforts by ramping up their cybersecurity investments. However, APAC security teams continue to face challenges like communication gaps and the lack of metrics to measure the impact of cybersecurity investments, despite increasing budgets.”
“To overcome these challenges, organisations can facilitate collaboration opportunities between security and non-security teams and foster a shared understanding of each team’s requirements and responsibilities to streamline and enhance overall operational efficiency across different departments,” continued Si.
“Increased investments in cybersecurity solutions can also be complemented by employing automation technologies for reporting, which liberates teams from manual tasks to focus on higher-value work. This enables seamless communication among stakeholders, with ready access to real-time data on demand,” Si concluded.
