Busysecuring remote-workers, tightening IT security and trying to procure more financial resources and buy-in: APAC survey

In an Aug 2021 survey of 1,006 IT and cybersecurity decision-makers and influencers of organizations with 500+ employees in financial services, healthcare, public sector, technology and e-commerce sectors in Australia, Japan, Singapore, India and Malaysia (n=200 to 203 per country), the impact of the pandemic on IT security challenges and awareness/adoption/implementation of Zero Trust was gauged.

The Asia Pacific region (APAC) findings show that respondents were looking for new ways to secure their workforce to cope with flexible workforce arrangements and the increased cyberattack in the landscape.

Data showed that 54% of APAC respondents had experienced increased security issues in 2021 than in 2021, while 83% indicated they had to make changes to their IT security procedures.

Other findings include:

  • 44% of respondents indicated the pandemic has had a significant impact on how their organization approached IT security; 77% indicated shared IT security as one of the main areas of concern
  • 88% of respondents indicated their organization will be implementing a flexible workforce, with 85% indicating their workforce will be more mobile in the future.
  • 86% of respondents were aware of Zero Trust; 66% indicated they had implemented a Zero Trust strategy. Of those that had yet to implement Zero Trust, 58% indicated intentions to do so in the next 12 months.
  • 67% of respondents stated that the biggest risk to their ability to execute zero trust was the lack of internal IT security experts. Other factors were obtaining buy-in, and allocating the appropriate level of financial resources.

According to Jonathon Dixon, Vice-President and General Manager (Asia Pacific, Japan and China), Cloudflare, Inc. which commissioned the survey: “Companies are moving towards a hybrid way of working and the only way to secure today’s work-from-anywhere economy is to secure each individual employee. That means protecting their individual networks, devices, and access to business-critical applications.”