Thirty-five percent of Singapore organisations reported successfully navigating current cybersecurity challenges in today’s remote-first world with software and cloud-first strategies, according to Cisco’s 2021 Security Outcomes Study for Asia Pacific.
Based on a double-blind, independently analysed survey, the study covers 2,110 cybersecurity, IT and privacy professionals across 13 markets including Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, Philippines, Singapore, South Korea, Taiwan, Thailand, and Vietnam.
Findings show that firms which regularly update their technology were the most likely to report successful security programs.
On average APJC organisations that have a proactive, tech refresh strategy are 15% more likely to report overall security success – the highest of any practice.
This is most significant in China, where organisations doing this are 31% more likely to report successful security programs, followed by Thailand (30%), Australia (23%) and Japan (20%). In Singapore, this contributes to a 17% higher likelihood of success.
However, not all firms have the budget or expertise to make this happen, also known as the “Security Bottom Line”. A strategy to migrate to cloud and SaaS security solutions can help close this gap.
The study further finds that Singapore cybersecurity programs struggle the most with obtaining peer buy-in, with 17% of organisations reporting successfully achieving it, the lowest among markets in Asia Pacific including Japan and China (APJC).
This is followed by minimising unplanned work (24% success); retaining security talent (28% success); keeping up with business (31% success), and running cost-effectively and streamlining IR processes (both 32% success).
The report also finds that a well-integrated technology stack is the second most important factor for cybersecurity success. It has a positive impact on nearly every outcome evaluated, increasing the probability of overall success by an average of 7%.
Integration is also the most significant factor in establishing a security culture that the entire organisation embraces.
As a standalone practice, IT and security “working together” appears to correlate the least with overall success. This seems surprising but may point to security being a part of many CIO’s IT organisations, implying cooperation is built-in and does not need extra management or measurement.
Kerry Singleton, Cisco’s managing director of cybersecurity in APJC, said that considering most companies do not always have the resources to invest across improving practices or culture, hiring more professionals or adopting additional technology, the report offers a guide that helps to map key security decisions to the most impactful outcomes.