A recent study by Kaspersky revealed that APAC organizations in critical infrastructure, oil and gas, and energy industries globally suffered the largest number of cyber incidents due to insufficient budget allocation (25%). However, the retail sector experienced the highest number of successful cyberattacks in Asia Pacific in the last 24 months.
The survey showed that 19% of companies have reported cyber incidents in the past two years, which could be attributed to insufficient investment in cybersecurity. Moreover, 16% of the companies admit needing more budget to ensure adequate cybersecurity measures.
Insufficient allocation of the cybersecurity budget resulted in 19% of Asian companies experiencing cyber incidents in the past two years.
The situation is different for every industry. For example, the lack of budget caused the highest number of cyber breaches in retail organizations (37%), followed by telecommunication companies (33%) and critical infrastructure, energy, oil and gas sectors (23%).
Meanwhile, the manufacturing industry suffered 11% of cyber incidents due to budget constraints. In comparison, the transport & logistics industry saw 9% of them.
According to a recent survey, 83% of Asia-Pacific respondents believe they have the necessary resources to keep up with or even stay ahead of new cybersecurity threats. However, 16% of companies are struggling in this area, with 15% reporting that they don’t have enough funds to protect their infrastructure adequately. Only 2% of companies claimed to lack a dedicated cybersecurity budget.
The financial services industry has been the most successful in APAC regarding proper monetary distribution for cybersecurity. According to a survey, 100% of the respondents in this industry claim that their organizations are equipped to keep up with and stay ahead of all new threats.
Many companies want to enhance cybersecurity in the next 12-18 months. Threat detection software (46%) and training programs are the most popular investment areas. Half of the companies surveyed (50%) plan to allocate budgets for educational programs for cybersecurity professionals, while 46% plan to train their general staff.
Organizations are planning to take different measures soon, including introducing endpoint protection software (42%), hiring more IT professionals (37%), and adopting SaaS cloud solutions (45%).
To get the most out of your budget, Kaspersky recommends:
- Implement cybersecurity products with advanced anomaly control, such as Kaspersky Endpoint Detection and Response Optimum. This helps prevent potentially dangerous ‘out of the norm’ activities initiated by a user or an attacker who has already taken control of the system.
- Using easily-manageable solutions. Kaspersky Endpoint Security Cloud is designed for smaller enterprises or companies needing more money for a vast stack of cybersecurity products.
- Investing in training for everyone in your company – from general staff to decision makers. Kaspersky Automated Security Awareness Platform training teaches employees safe internet behavior and includes simulated phishing attack exercises. At the same time, Kaspersky Cybersecurity for IT Online training helps build up simple yet effective IT security best practices and simple incident response scenarios for generalist IT admins, while Kaspersky Expert Training equips your security team with the latest knowledge and skills in threat management and mitigation to defend your organization against even the most sophisticated attacks. Lastly, to advance decision-makers’ understanding of the importance of cybersecurity and how best to distribute budgets to stay ahead of threats, engage them with Kaspersky Interactive Protection Simulation for enhanced C-level professional education.
- Considering experts’ help. For example, the Kaspersky Assessments family of professional services identifies security gaps in your system’s configuration, and the Security Architecture Design helps create an IT security infrastructure that’s a perfect fit for a particular company. Every step of implementation is grounded in real security needs, giving decision-makers convincing arguments to allocate budgets.
- Referring to Kaspersky’s ‘Cybersecurity on a budget’ resource for small and medium businesses for tips on spending less on IT without compromising security.
Read the full report for more insights on the human impact on cybersecurity in business through this link.