Singapore organisations trail global counterparts in cyber risk visibility, threat validation: study

by

Aliza Carmona

-

19 hours ago

Singapore – Despite Singapore’s reputation as a global leader in financial services technology and critical infrastructure, organisations in the city-state rank last among countries surveyed for automated threat validation and consolidated cyber risk visibility, according to a new report by threat management company Filigran.

According to the findings by Filigran’s inaugural State of Threat Management report, only 18% of organisations in Singapore use threat intelligence within a continuous, fully automated validation process—the lowest rate among all countries surveyed and well below the global average of 38%. Meanwhile, just 24% reported having a fully consolidated view of cyber risk exposure, tying with the UK for the lowest level in the study.

The report also found that 34% of Singapore organisations have a fully established continuous threat exposure management (CTEM) programme, compared to 48% in Australia and 58% in North America.

Operational and technical challenges remain the biggest obstacles for organisations in Singapore. Respondents identified integrating existing security tools and processes (62%), limited visibility into real-world cyber risks (52%), staff capacity constraints (42%), and budget limitations (42%) as their top barriers to improving exposure management.

In contrast, only 22% of Singapore respondents cited a lack of executive support as a challenge, below the global average of 33% and Australia’s 48%, suggesting that organisational leadership is generally aligned on cybersecurity priorities.

The findings also place Singapore within a broader regional trend. Across Asia Pacific, 94% of respondents believe automation is essential for cybersecurity operations, yet only 27% have implemented continuous automated threat validation. The report says this represents the widest gap between perceived importance and actual adoption among all regions surveyed.

Among Asia-Pacific markets, Singapore recorded the region’s lowest automated threat validation rate and weakest consolidated cyber risk visibility. Japan reported the lowest CTEM maturity, with only 22% of organisations having fully established programmes, while Australia stood out for reporting the highest incidence of executive buy-in as a barrier, with 48% of respondents citing leadership support as a challenge.

Kelvin Chin, ASEAN Director, Filigran, said, “Filigran’s open-source model makes it accessible for teams at any stage of the journey. You do not need to have everything figured out before you start. You start with a flexible system of records for Threat Intelligence, understand what is actually targeting your environment, and you build from there. The data tells us Singapore is behind on this. The good news is that the starting point aggregates what you already have, correlates and operationalises towards a cost-efficient CTEM program.”

Globally, the report highlights ongoing difficulties in operationalising cyber risk management. Only 41% of organisations reported having a fully consolidated view of cyber risk exposure, while 97% said they struggle to determine whether identified exposures are genuinely exploitable. Additionally, 88% agreed that greater automation is needed to help security teams keep pace with the growing volume of cyber risks.

The report also found that security teams spend an average of 42% of their time investigating risks that ultimately prove to be low priority or non-exploitable. Most organisations also take longer than a day to detect (72%), respond to (71%), and remediate (83%) security incidents.

Kevin Vanhaelen, SVP Asia Pacific and Japan, Filigran, said, “All Singapore respondents in this study face at least one barrier to improving their exposure management, which indicates issues with tooling and integration.” Filigran’s solutions give security teams a platform that meets data sovereignty requirements, connecting threat intelligence to validation to remediation in a single, continuous workflow, without requiring a 50-person Security Operations Centre (SOC) or a three-year implementation programme to see value.”

The findings are based on an independent survey conducted by Vanson Bourne between February and March 2026. The study gathered responses from 550 senior cybersecurity decision-makers and practitioners across the United States, Canada, the United Kingdom, France, Germany, the UAE, Australia, Japan, and Singapore, with Singapore contributing 50 respondents. 

Participants represented organisations with at least 1,000 employees across sectors including financial services, technology, government, energy, healthcare, and retail.

The findings come as Singapore continues to tighten its cybersecurity requirements. The Monetary Authority of Singapore’s Technology Risk Management Guidelines require financial institutions to continuously monitor cyber intelligence and conduct regular scenario-based exercises, while amendments to the Cybersecurity Act now require critical information infrastructure owners to report certain cyber incidents within two hours of detection. Separately, the Cyber Security Agency has mandated that CII owners achieve Cyber Trust Mark Level 5 certification by the end of 2027.

Recognise the innovators redefining commerce at the Retail & E-commerce Excellence Awards Asia Pacific 2026! Taking place this December 2026, we celebrate the region’s most impactful retail strategies, standout e-commerce experiences, and forward-thinking leaders—submit your entries today!
Honour the women shaping the future of marketing and technology at the Empowered Women Awards 2026! This December 2026, we celebrate inspiring leaders, changemakers, and rising voices driving impact across the industry—submit your entries today!
Share

RECENT ARTICLES

Singapore organisations trail global counterparts in cyber risk visibility, threat validation: study
Tata Communications expands India-Singapore subsea network to support enterprise AI connectivity
OceanBase launches AI database platform to unify multimodal data and enterprise AI workloads
Blackwall expands into Vietnam, partners with HostVN to deliver web traffic security
Ping Identity names Akkasha Sultan to lead APJ growth and market expansion
Ellipse 3

RELATED ARTICLES

Organisations in Singapore are experiencing gaps in AI governance and risk management
Singapore's digital government reveals room for improvement on accessibility, site performance report (1)_11zon
Singapore sees 24
Ellipse 3

FEATURED ARTICLES

'Retail & E-Commerce Innovation Summit' returns for its 2nd edition in the Philippines — initial speaker lineup revealed
‘Retail & E-Commerce Excellence Awards Asia Pacific
Empowered Women Awards 2026 to honour leading women trailblazing the technology and marketing industries

Subscribe to UpTech Media Newsletter

JOIN OUR NEWSLETTER

Subscribe to our newsletter to get the latest APAC marketing news.