Some 1,100 respondents from five APAC countries shed some light on their organizations’ post-incident cyber resilience challenges.
Based on a September 2025 survey of 3,200 IT and security decision makers* on the financial impacts of cyberattacks, some data findings have been shared with the media.
First, 76% of respondents five APAC countries indicated their organizations had experienced at least one material cyberattack causing measurable financial, reputational, operational, or customer churn impacts.
Second, among respondents from publicly traded firms in the APAC list, 73% cited having adjusted earnings or financial guidance as a result of a cyber incident, while 69% indicated their stock prices had been affected.
Other findings
Third, 74% of those in privately held firms had indicated redirecting budgets away from innovation and growth initiatives following a cyberattack. Also, of the respondents from the five APAC countries in the survey:
- 96% had cited legal, regulatory, or compliance consequences from cyber incidents, including fines and lawsuits
- 89% had reported paying a ransom in the past year, with 40% paying US$1m or more
- 52% had indicated that internal communication and coordination had been hindered during cyberattacks due to critical system outages
- 42% had recovery followed by reinfection as a notable challenge
- 97% had reported data restoration from backups taking more than 24 hours after an attack, with 12% requiring at least a week
- 84% of IT and security leaders in (APAC list) had indicated that Generative AI adoption was progressing faster than their organizations could manage risks safely
According to Sanjay Poonen, CEO and President, Cohesity, the firm that commissioned the survey, when cyber incidents caused respondents’ large organizations to “rethink forecasts, absorb market reactions, and redirect budgets…,” cyber resilience can affect their business and financial planning.
