7 in 10 APAC CEOs now into cybersecurity

About seven in every 10 (69%) CEOs in the Asia-Pacific region excluding Japan are now engaged in cybersecurity interactions either weekly (37%) or bi-weekly (32%), supporting the ongoing importance of cybersecurity to the business, according to IDC.

However, complexity, legacy, and ill-defined roles and responsibilities still hamper more effective approaches to addressing this complex issue.

IDC’s Asia/Pacific (Excluding Japan) Security and Trust Study 2022 discusses how security technology buyers across the region are addressing their security concerns. 

The plethora of tools and vendors in the markets has resulted in a current focus on process and people, something the study showed has, to date, been lacking. At the same time, concerns around identity, cloud, and data top the technology investment intentions.

Key findings are that the ongoing complexity of IT systems, along with evolving regulations are the major challenges faced by IT security professionals. 

While the C-Suite is paying more attention to the issue of security, there are many infrastructural issues across people and processes that, unless the C-Suite decides to address, will continue to be problematic.

“Even today most security technology acquisitions are reacting to the current perceived threat, and this has been the case for many years now,” said Simon Piff, VP of Trust and Security Research at IDC Asia Pacific. 

“What is required is a more strategic and holistic approach to addressing the myriad of threats and challenges, whilst moving to simplify the technology stack and its integrations,” added Piff. 

He said key technologies such as AI/analytics, security automation, and cybersecurity infrastructure modernisation are low on the investment agenda, where the focus is on risk management, KPIs, and development of processes.

This IDC study will better help technology vendors align their messaging to the needs of the security decision-making unit within the target markets. 

Additionally, this study investigates how cyber security is addressed at a people, process, and technology level, and looks specifically into challenges/concerns; perceived threats; risk management processes; planned investment areas; and overall understanding and attitude towards the concept of trust.