A Frost & Sullivan study commissioned by Microsoft revealed that the potential economic loss across Asia Pacific due to cybersecurity incidents can hit a staggering US$1.745 trillion. This is more than seven percent of the region’s total GDP of US$24.3 trillion.
The study, titled “Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World”, aims to provide business and IT decision makers with insights on the economic cost of cybersecurity breaches in the region and identify the gaps in organizations’ cybersecurity strategies. The study involved a survey of 1,300 business and IT decision makers ranging from mid-sized organizations (250 to 499 employees) to large-sized organizations.
The study reveals that more than half of the organizations surveyed have either experienced a cybersecurity incident (25%) or are not sure if they had one as they have not performed proper forensics or data breach assessment (27%).
“As companies embrace the opportunities presented by cloud and mobile computing to connect with customers and optimize operations, they take on new risks,” said Eric Lam, Director, Enterprise Cybersecurity Group, Microsoft Asia.
“With traditional IT boundaries disappearing the adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation—as has been made all too clear by recent high-profile breaches.”
The study revealed that:
To calculate the cost of cybercrime, Frost & Sullivan has created an economic loss model based on macro-economic data and insights shared by the survey respondents. This model factors in three kinds of losses which could be incurred due to a cybersecurity breach:
“Although the direct losses from cybersecurity breaches are most visible, they are but just the tip of the iceberg,” said Edison Yu, Vice President and Asia Pacific Head of Enterprise for Frost & Sullivan. “There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organizations suffering from cybersecurity attacks can be often underestimated.”
In addition to financial losses, cybersecurity incidents are also undermining Asia Pacific organizations’ ability to capture future opportunities in today’s digital economy, with one in six (59%) respondents stating that their enterprise has put off digital transformation efforts due to the fear of cyber-risks.
Although high-profile cyberattacks, such as ransomware, have been garnering a lot of attention from enterprises, the study found that for organizations in the Asia Pacific that have encountered cybersecurity incidents, fraudulent wire transfer, data corruption, online brand impersonation and data exfiltration are the biggest concern as they have the highest impact with the slowest recovery time.
Besides external threats, the research also revealed key gaps in organizations’ cybersecurity approach to protect their digital estate:
“The ever-changing threat environment is challenging, but there are ways to be more effective using the right blend of modern technology, strategy, and expertise,” added Eric. “Microsoft is empowering businesses in Asia Pacific to take advantage of digital transformation by enabling them to embrace the technology that’s available to them, securely through its secure platform of products and services, combined with unique intelligence and broad industry partnerships.”
In a digital world where cyberthreats are constantly evolving and attack surface is rapidly expanding, AI is becoming a potent opponent against cyberattacks as it can detect and act on threat vectors based on data insights. The study reveals that three in four (75%) of organizations in Asia Pacific have either adopted or are looking to adopt an AI approach towards boosting cybersecurity.
AI’s ability to rapidly analyze and respond to unprecedented quantities of data is becoming indispensable in a world where cyberattacks’ frequency, scale and sophistication continue to increase.
An AI-driven cybersecurity architecture will be more intelligent and be equipped with predictive abilities to allow organizations to fix or strengthen their security posture before problems emerge. It will also grant companies with the capabilities to accomplish tasks, such as identifying cyberattacks, removal of persistent threats and fixing bugs, faster than any human could, making it an increasingly vital element of any organizations’ cybersecurity strategy.
AI is but one of the many aspects that organizations need to incorporate or adhere to in order to maintain a robust cybersecurity posture. For a cybersecurity practice to be successful, organizations need to consider People, Process and Technology, and how each of these contributes to the overall security posture of the organization.
To help organizations better withstand and respond to cyberattacks and malware infections, here are five best practices that they can consider in improving their defense against cybersecurity threats: