Cybersecurity News in Asia

Cyber resilience requires leaders that manage risk with full organizational support: report

By CybersecAsia editors | Thursday, May 2, 2024, 10:11 AM Asia/Singapore

Organizational and leadership mindset gaps in supporting CIOs could weaken or undermine even seemingly comprehensive response plans, as one survey suggests

Through a Sep 2023 poll of 1,917 IT security practitioners from firms with 100 to 5,000 employees across various industries in the United States (522), the United Kingdom (372), France (329), Germany (425), and Australia (269), some trends were summarized in a report on cyber risk resilience.

First, 49% of respondents from the smaller to mid-sized firms listed implementing “company-wide security policies such as authentication measures and access controls” as one of their top two governance challenges. Other challenges indicated by respondents included: “senior management doesn’t see cyberattacks as a significant risk” (35% of smaller firms); “lack of budget” (38% of larger firms) and “lack of skilled professionals) (35% of larger firms)

Second, around one in 10 respondents indicated not having an incident response plan to turn to, in the event of a successful breach. Other concerns indicated included “a lack of security and control over the supply chain” and “visibility into third parties with access to sensitive or confidential data.”

Third, respondents from financial services organizations were the most confident about their ability to cope, with 55% rating their security posture as “highly effective”. The smallest firms surveyed were the least optimistic, with 48% rating their security posture at the lower end of the scale.

Another key trend in the data was: 23% of respondents from the largest firms polled cited never having tested their incident response plan, possibly because doing so in a large business can be a complex, time-consuming, and disruptive process. Further, around one in 10 overall indicated they did not have an incident response plan in place.

According to Siroui Mushegian, CIO, Barracuda Networks, the firm that commissioned the poll: “For many businesses today, a security incident of some kind is almost inevitable. What matters is how you prepare for, withstand, respond to, and recover from the incident. This is cyber resilience. When NIST updated its benchmark cybersecurity framework… it added security governance as a strategic priority.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
Mitigating Ransomware Risks with GRC Automation
In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

Meeting the business resilience challenges of digital transformation
Data proves to be key to driving secure and sustainable digital transformation in Southeast Asia.Read more
Upgrading biometric authentication system protects customers in the Philippines: UnionDigital Bank
An improved dual-liveness biometric framework can counter more deepfake threats, ensure compliance, and protect underbanked …Read more
HOSTWAY gains 73% operational efficiency for private cloud operations
With NetApp storage solutions, the Korean managed cloud service provider offers a lean, intelligent architecture, …Read more
CISOs can navigate emerging risks from autonomous AI with a new security framework
See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more

Featured

Staying resilient against the invisible onslaught of AI-powered attacks

Featured

Tackling the risks of AI innovations in the cloud

Featured