Cybersecurity News in Asia

Features
- Featured
  
  Leveraging digital twins to combat rising AI-powered threats
  
  Thursday, January 8, 2026, 1:58 PM Asia/Singapore | Features
- Featured
  
  Editor's pick: Cybersecurity trends in 2026
  
  Wednesday, January 7, 2026, 10:36 AM Asia/Singapore | Cyberthreat Landscape, Features, Newsletter
- Featured
  
  Exploding identity fraud and deepfakes challenge manual oversight of autonomous AI
  
  Tuesday, December 30, 2025, 9:27 AM Asia/Singapore | Features, Newsletter
Opinions
Tips
Whitepapers
Awards 2025
Directory
E-Learning

Survey of retail industries in 16 countries shows encouraging trends

By CybersecAsia editors | Tuesday, November 11, 2025, 10:03 AM Asia/Singapore

Some 361 retail respondents have cited improved cyber resilience with fewer attacks encrypting data, and faster recovery in 2024/2025.

Based on a Jan – Mar 2025 vendor-agnostic survey of 361 retail IT and cybersecurity leaders from organizations with 100 to 5,000 employees across 16 countries on ransomware incidents up to 12 months prior, one cybersecurity firm has shared some findings among retailers with the media.

First, 46% of retail ransomware incidents in the survey were traced by respondents to an unknown security gap at the time of the attack.

Second, 58% of respondents who had witnessed data encryption in ransomware incidents had indicated their organizations had paid the ransom^ to recover their data.

Other findings
Third, 30% of attacks experienced by respondents were found to have exploited known vulnerabilities, cited as the leading technical root cause in similar surveys* commissioned by the same firm. Also:

48% of respondents cited that ransomware attacks resulted in data encryption, a rate that is lower than that reported in the last five years of surveys by the cybersecurity firm.
The median ransom demand was US$2m, while the average ransom payment was US$1m.
62% of respondents reported restoring data from backups following an attack, marking the lowest backup usage rate in four years.
Among respondents that had cited their organizations caving in to ransom demands, 29% indicated the ransom amount paid matched the initial demand, while 59% had paid less, and 11% had reported paying more.
Respondents’ estimates put the average cost of recovery from attacks (excluding ransom payments) had fallen 40% over three years to reach US$1.65m, compared to higher sums in three previous yearly surveys* by the same cybersecurity firm.
47% of IT and cybersecurity teams among the respondents had reported increased pressure following data encryption events, and 26% of respondents had noted leadership team replacements after incidents.

According to Chester Wisniewski, Director/Global field CISO, Sophos, the firm that has been commissioning the yearly cyber survey of global retail industries, “retailers must have visibility into the threats they face, as well as their assets and their security posture,” and that retailers that combine strong asset management and patching with well-managed cyber risk management services likely “prevent more and recover faster.”

*Readers should note the limitations of comparing survey data across time for “year-over-year juxtaposition” that require full disclosure of every year’s methodological parameters

^ Ransom payment options are influenced not only by technical and operational factors but also by jurisdictional legal frameworks in the countries involved in the survey: Australia, Belgium, Brazil, Canada, China, France, Germany, Italy, Japan, Netherlands, Singapore, Spain, Sweden, the United Arab Emirates, the UK and the US