At the core of global cyber resilience are governments and their stewardship of the private sector towards total and inclusive security.
With remote and hybrid work arrangements set to stay, we are more vulnerable than ever to cyberattacks. On average, advanced cyberattacks can go undetected for 197 days.
Findings from the recent Dell Technologies Global Data Protection Index published in July 2021 found that 72% of employers in the APJ region had seen increased risk of cyber threats with the growth of employees working from home. Google has disclosed that it is blocking more than 100m phishing emails a day.
The financial ramifications of cybercrime are also immense. According to a 2020 report by McAfee and the Centre for Strategic and International Studies, the cost of cybercrime to the global economy was over US$1 trillion in 2020: up 50% from two years ago.
Furthermore, the damage caused by cyberattacks stretch far beyond financial costs. Regardless of the industry or size of the organization, cyberattacks continually expose business and governments to theft or destruction of personal data and intellectual property, as well as reputational harm.
Against this backdrop, it is more pertinent than ever for governments and businesses to rapidly accelerate ‘cyber resilience planning’—to prevent, respond to and recover from cybercrime—to ensure a strong foundation for global economic recovery.
From cyber protection to cyber resilience
Cybersecurity is much more than just an insurance policy against attacks. A cyber resilience strategy incorporates people, process and technology into a holistic framework that protects an entire entity, with cyber recovery as a component of this overall strategy. If implemented effectively, cyber resilience can help turbocharge long-term economic prosperity and innovation.
As governments and businesses prioritize digital transformation as a means to accelerating economic recovery, they must ensure a resilient cyber foundation to ensure security and trust.
IDC predicts that 65% of global GDP will be digitalized by 2022, driving over US$6.8tn of direct digital transformation investments from 2020 to 2023. We have also seen 84% of companies in APJ accelerating their digital transformation program since the pandemic.
New technologies—AI, Big Data, cloud, and edge computing—are revolutionizing the economy, but adoption may be hindered by security concerns. According to Oxford Economics, without a strong cybersecurity foundation companies may hesitate to start digital projects, thus stifling their innovation potential.
So, as global locations look ahead to a tech-driven economic recovery, governments that focus their investments and efforts in the right places will be better positioned to prevent cyberattacks and mitigate damage with the help of robust digital infrastructure.
Governments’ role in boosting cyber resilience
The public sector already recognizes the magnitude of the challenge ahead, and governments across the region are doubling down on cybersecurity initiatives.
Australia has announced an investment of A$1.67bn over 10 years as part of its Cyber Security Strategy 2020, a sizeable increase from the A$230m investment previously announced in 2016.
Meanwhile, the Indian government is expected to announce a new cybersecurity strategy by year end to ensure a safe, secure and resilient cyber space in India—amid a 500% increase in cybercrime during the global pandemic.
Public-private partnership (PPP) is also an important piece of this puzzle. The Cyber Security Agency of Singapore has rolled out a program to corral the industry to co-develop and promote cybersecurity awareness and adoption—an initiative that Dell Technologies supports as an ‘advocate partner’.
However, to secure business and public service infrastructure for the long term, governments must shift focus from simple cybersecurity towards the adoption of risk-based cyber resilience strategies. This goes beyond investing in cybersecurity infrastructure to cultivating a pool of cybersecurity talent with the right skills to adopt cyber resilience.
Recovery planning: the PPP approach
Today, the global gap in the cybersecurity workforce is estimated at more than 3m, with the largest talent shortage of over 2m (66%) in APJ—signaling a pressing need for joint public-private partnership (PPP) skilling initiatives to bridge the gap.
Governments are well positioned to steer the private sector towards implementing a risk-based approach to security. For example, encouraging cloud adoption blended with traditional data centers can help improve response to cyberattacks by providing real-time visibility across networks, thus increasing business continuity. In APJ, Singapore is one of the most advanced public cloud markets.
We are undoubtedly at a crucial juncture in recovery planning, with the opportunity to lay robust digital foundations and empower a new wave of tech-driven infrastructure to survive and thrive in the years ahead. The pace and scale of cyberattacks even in the last one to two years is both a warning and a reminder that a digitally transformed economy and society can only be sustainable with cyber resilience as a firm foundation.
For a start, more than 100 governments have already developed national cybersecurity strategies to protect their citizens, businesses, and critical infrastructure against these risks, according to McKinsey estimates. Four countries within APJ rank among the global top 10 of participating countries in the Global Cybersecurity Index 2020 (GCI) for their commitment to cybersecurity – Singapore (#4), South Korea (#4), Malaysia (#5) and Japan (#7).
Meanwhile, in the time it took to read this article, an estimated 30 cyberattacks would have taken place—each with the potential to damage national infrastructures, organizations, erode citizens’ trust and undermine the prospect of digital transformation.
In being able to reduce the economic and societal impact of cyberattacks while driving growth and innovation, cyber resilience is imperative to a sound and future-proof economic recovery.