In a survey of 900 respondents from six ASEAN markets, misalignments of cyber resilience expectations pointed to poorer data readiness sentiments

Based on a Dec 2023/Jan 2024 quantitative market research survey involving 900 respondents* who were CIO/CISO, IT Leader, IT decision makers and direct reports, on their organizations’ state of data readiness and cyber resilience, some findings were announced.

First, 71% of respondents cited having experienced at least one cyberattack in the past year of the survey. Those in Singapore, Thailand, and Vietnam had experienced the majority of attacks on data environments, including production, secondary, and backups, while attacks on production data only was  highest in respondents from Singapore, Malaysia, and Vietnam. Of respondents that had experienced any cyberattack, 35% indicated having successfully recovered 100% of their data. Some 47% indicated retrieving 60% of their data, while 17% retrieved about 30% of their data.

Second, respondents who were business leaders had misaligned expectations with those who were in the IT teams: 24% of those who were business leaders indicated expecting an outage of “one day or less” as “tolerable”, while 79% expected the organization to have data access restored and be back in business by the fifth day. However, respondents in the IT teams indicated the average time it took to recover from a breach was between four and five weeks.

Other findings

According to Michel Borst, Area Vice President, Commvault, the firm that commissioned the survey, they were serious gaps in respondents’ organizations’ level of maturity in cyber resilience (as compared to merely maintaining cybersecurity), and “their ability to recover all data, and the speed by which they can resume operations as the business requires.”

*150 each from firms selected in Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam, employing between 100 and 199 or more-than-200 employees