According to a survey in Singapore and Malaysia, the main drivers were data recovery shortfalls and perceived lack of cyber resilience
A June/July 2024 survey of 302 Singaporean and 202 Malaysian IT & Security decision-makers* on data security and data management issues disclosed some trends.
First, the majority of respondents’ organizations had fallen victim to a ransomware attack in the last six months, and respondents held the view that the threat of cyberattacks to their industry has increased or will increase in 2024.
Second, 70% of the respondents’ firms had paid a ransom in the past 12 months, with 65% of those in Singapore and 77% of those in Malaysia. According to respondents, the cyber threat landscape is expected to get even worse in 2024, with more than 9 in 10 (SG: 91%, MY: 97%) respondents saying the threat of cyberattacks to their industry will increase or had increased this year, and almost 1 in 2 (47%) saying it had increased or will increase by over 50%.
Other findings
Respondents indicated that keeping their organizations’ cyber resilience and data security strategies up to speed with the current threat landscape was challenging, with 41% indicating they did not have complete confidence in their organization’s cyber resilience strategy and its ability to ‘address today’s escalating cyber challenges and threats’. Also:
- Asked if they could recover data and restore business processes within 24 hours, 5% of SG and 1% of MY respondents answered in the affirmative.
- Asked if they could recover data and restore business processes within 1–3 days, 26% of SG and 20% of MY respondents answered in the affirmative. Other recovery turnaround times:
  - 4–6 days: SG respondents: 31% vs MY respondents: 38%
  - 1–2 weeks: SG respondents: 24% vs MY respondents: 28%
  - Over three weeks to recover data and restore business processes: SG respondents: 13% vs MY respondents: 11%
- 97% of respondents indicated their targeted optimum recovery time was within a day, although 3% indicated they could recover data and restore business processes within this same period.
- 69% (SG: 64%, MY: 76%) of respondents indicated their organization had paid a ransom in the last year, despite 74% having a corporate ‘do not pay’ policy.
- Of the 64% of Singaporean respondents who indicated having paid a ransom in the last year, 36% had paid US$500,000 or more in ransom payments, while 47% had paid between US$100,000 and US$499,999. By comparison, of the 76% of Malaysian respondents who had paid a ransom in the last year, 27% had paid US$500,000 or more in ransom payments, while 54% had paid between US$100,000 and US$499,999.
- 42% of respondents (SG: 46%, MY: 35%) indicated their centralized visibility of critical data between IT & Security could be improved. When asked about their data access control measures to align with zero trust security principles, two in three respondents (or fewer) indicated having deployed multi-factor authentication (66%), separation of duty controls (57%), or role-based access controls (55%).
- 80.5% (SG: 76%, MY: 85%) of respondents indicated their organization had responded to what they believed to be AI-based cyberattacks or cyber threats in the past 12 months. Some 89% (SG: 90%, MY: 88%) indicated they had the “necessary AI-powered solutions to counter and respond to these attacks.” Of the 20% that indicated they did not have AI-based cyberattacks or cyber threats in the past 12 months, 55% indicated they had the “necessary AI-powered solutions to counter and respond to these attacks,” and close to three in 10 indicated they did not, while close to one in six indicated they were unsure.
According to James Blake, Global Cyber Resilience Strategist, Cohesity, the firm that commissioned the survey: “Cyber resilience is non-negotiable because the motivation of attackers is so high and attack surfaces are so wide, a complete belief in protective controls is unrealistic. Successful cyberattacks and data breaches severely impact business continuity… regulation and legislation should not be the ‘ceiling’, but instead a high ‘floor’, in developing cyber resilience, and adopting data security best practices or capabilities.”
*Comprising, as far as possible, 50% IT and 50% security decision-makers, from five industries: IT & Telecommunications; Manufacturing; Hospitals & Healthcare; Financial Service (including Insurance); and Banking & Wealth Management.