- Most APAC organisations across Singapore (89%), Australia (81%) and India (88%) saw increased cyber threats during the pandemic
- Cloud security was the top solution that organisations in APAC invested in
- While most businesses were impacted by budget cuts during the pandemic, IT professionals in Singapore (37%) and Australia (39%) are looking to invest more than US$1 million in 2022. Worryingly, only 1 in 5 organisations in India are planning to do the same.
Over 18 months since the onset of the COVID-19 pandemic, McAfee Enterprise and FireEye found that most APAC organisations have experienced a two-fold blow, caught between increased cyber threats and reduced security budgets. Looking ahead to 2022, nearly all IT professionals across Singapore (99%), Australia (94%) and India (99%) see an urgent need for organisations to place more emphasis on their overall cyber readiness.
Globally, 81% of organisations experienced increased cyber threats over the past 18 months. Among APAC countries surveyed, Singapore was the hardest hit by the pandemic, with almost 9 in 10 (89%) organisations reporting increased threats, followed by India (88%) and Australia (81%).
“As APAC forges ahead to 2022 and transitions to a digital-first way of life, the new digital economy is creating new revenue streams and opportunities for not only businesses but also cybercriminals. If businesses are to capitalize on the next wave of digital growth, they must act now to strengthen their cybersecurity posture against the new and dynamic cyber threats,” said Jonathan Tan, Managing Director of Asia at McAfee Enterprise.
In response to rapidly growing threats, almost all APAC organisations took steps to invest in their security systems, with cloud security being the top security solution implemented by organisations across Singapore (79%), India (82%) and Australia (71%). The report also found a promising indication that APAC organisations are taking cyber threats seriously – only 5% of businesses in Singapore, 3% in India and 6% in Australia did not upgrade their security solutions over the past 18 months.
Yet, the pandemic continues to exert financial pressures on IT teams across APAC. Nearly half of organisations in Australia (44%) and India (42%) had their technology and security budgets reduced – much higher than the global average of 33%. Meanwhile, Singapore fared slightly better with 31% of organisations facing budget cuts.
Looking ahead to 2022
As the dust of the pandemic settles, it is critical for APAC organisations to pivot away from crisis-mode and invest in fortifying their cyber defences. Fortunately, around 2 in 5 organisations in Singapore (37%) and Australia (39%) plan to invest more than US$1 million in 2022. However, this figure falls to only 1 in 5 (20%) in India, although India organisations experienced the most downtime globally (77%).
The top three cyber risks of 2022 that will be the most threatening to businesses in APAC are:
- Singapore: Malware attacks (51%), Data breaches (46%) and Phishing scams (46%)
- India: Malware attacks (54%), Data breaches (50%) and Cloud jacking (35%)
- Australia: Data breaches (52%), Phishing scams (48%) and Malware attacks (40%)
The survey findings are in line with the 2022 Threat Predictions from McAfee Enterprise and FireEye, where the risk of social media phishing to deliver malware was underscored. Bad actors are increasingly using professional networking sites like LinkedIn to target executives with promises of job offers. Once a target is on the hook, threat actors move on to their next step of convincing them to download a job spec that is malware.
Yet, some emerging new threats have remained under the radar of APAC organisations. API services and apps are becoming lucrative targets for threat actors and now account for over 80% of all internet traffic, as feature-rich APIs are being increasingly used in 5G mobile apps and Internet of Things (IoT) devices. Worryingly, most attacks targeting APIs go undetected as they are generally considered as trusted paths with lower levels of security controls. The connected nature of APIs could also potentially introduce additional risks to businesses as they become an entry vector for wider supply chain attacks.
Faced with numerous security threats, the top three technologies that organisations intend to invest in for 2022 also varied across different countries:
- Singapore: Endpoint Security (59%), Cloud security (49%), Advanced threat protection (45%)
- India: Cloud security (57%), the Security operations centre (57%), Advanced threat protection (55%) and Endpoint security (47%)
- Australia: Advanced threat protection (57%), Security Operations Centre (57%), Cloud security (51%)
McAfee Enterprise and FireEye commissioned a global independent market research specialist MSI-ACI to undertake the research for this study. Between September and October 2021, the quantitative study was carried out, interviewing 1,451 IT and line of business decision makers. Respondents came from the U.S., U.K., Australia, France, Germany, India, Singapore, South Africa and UAE. Respondents had to be an IT business professional, involved in IT security and work for an organization with more than 500 employees.
Interviews were conducted online using a rigorous multi-level screening process to ensure that only suitable candidates were given the opportunity to participate.