Cybersecurity News in Asia

Features
- Featured
  
  Tackling the risks of AI innovations in the cloud
  
  Wednesday, November 5, 2025, 10:36 AM Asia/Singapore | Features
- Featured
  
  Weaponization of GenAI by adversaries
  
  Wednesday, November 5, 2025, 10:15 AM Asia/Singapore | Features, Newsletter
- Featured
  
  Embedding cybersecurity culture in financial institutions: lessons in leadership, collaboration, and cyber resilience
  
  Thursday, October 30, 2025, 11:37 AM Asia/Singapore | Features, Newsletter
Opinions
Tips
Whitepapers
Awards 2025
Directory
E-Learning

Survey of retail industries in 16 countries shows encouraging trends

By CybersecAsia editors | Tuesday, November 11, 2025, 10:03 AM Asia/Singapore

Some 361 retail respondents have cited improved cyber resilience with fewer attacks encrypting data, and faster recovery in 2024/2025.

Based on a Jan – Mar 2025 vendor-agnostic survey of 361 retail IT and cybersecurity leaders from organizations with 100 to 5,000 employees across 16 countries on ransomware incidents up to 12 months prior, one cybersecurity firm has shared some findings among retailers with the media.

First, 46% of retail ransomware incidents in the survey were traced by respondents to an unknown security gap at the time of the attack.

Second, 58% of respondents who had witnessed data encryption in ransomware incidents had indicated their organizations had paid the ransom^ to recover their data.

Other findings
Third, 30% of attacks experienced by respondents were found to have exploited known vulnerabilities, cited as the leading technical root cause in similar surveys* commissioned by the same firm. Also:

48% of respondents cited that ransomware attacks resulted in data encryption, a rate that is lower than that reported in the last five years of surveys by the cybersecurity firm.
The median ransom demand was US$2m, while the average ransom payment was US$1m.
62% of respondents reported restoring data from backups following an attack, marking the lowest backup usage rate in four years.
Among respondents that had cited their organizations caving in to ransom demands, 29% indicated the ransom amount paid matched the initial demand, while 59% had paid less, and 11% had reported paying more.
Respondents’ estimates put the average cost of recovery from attacks (excluding ransom payments) had fallen 40% over three years to reach US$1.65m, compared to higher sums in three previous yearly surveys* by the same cybersecurity firm.
47% of IT and cybersecurity teams among the respondents had reported increased pressure following data encryption events, and 26% of respondents had noted leadership team replacements after incidents.

According to Chester Wisniewski, Director/Global field CISO, Sophos, the firm that has been commissioning the yearly cyber survey of global retail industries, “retailers must have visibility into the threats they face, as well as their assets and their security posture,” and that retailers that combine strong asset management and patching with well-managed cyber risk management services likely “prevent more and recover faster.”

*Readers should note the limitations of comparing survey data across time for “year-over-year juxtaposition” that require full disclosure of every year’s methodological parameters

^ Ransom payment options are influenced not only by technical and operational factors but also by jurisdictional legal frameworks in the countries involved in the survey: Australia, Belgium, Brazil, Canada, China, France, Germany, Italy, Japan, Netherlands, Singapore, Spain, Sweden, the United Arab Emirates, the UK and the US

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
Mitigating Ransomware Risks with GRC Automation
In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

Upgrading biometric authentication system protects customers in the Philippines: UnionDigital Bank
An improved dual-liveness biometric framework can counter more deepfake threats, ensure compliance, and protect underbanked …Read more
HOSTWAY gains 73% operational efficiency for private cloud operations
With NetApp storage solutions, the Korean managed cloud service provider offers a lean, intelligent architecture, …Read more
CISOs can navigate emerging risks from autonomous AI with a new security framework
See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
MoneyMe strengthens fraud prevention and credit decisioning
Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more

Cybersecurity News in Asia

Featured

Tackling the risks of AI innovations in the cloud

Featured

Weaponization of GenAI by adversaries

Featured

Embedding cybersecurity culture in financial institutions: lessons in leadership, collaboration, and cyber resilience

Survey of retail industries in 16 countries shows encouraging trends

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar