More than half (56%) of IT leaders in Singapore rank AI as one of the top five most beneficial ways to protect their organisations from cyberattacks, up from 47% in 2024, according to KnowBe4.
This is from a study conducted online January 13-17. The sample comprised 202 Singaporean IT decision makers across industries from small to large organisations. YouGov designed the questionnaire.
Results show that as phishing tactics grow more deceptive, even IT professionals are struggling to distinguish real emails from malicious ones — evidenced by (72%) of IT leaders mistakenly identifying a legitimate email as a phishing attempt.
Ranked among the top five ways to protect organisations from cyberattacks — network security measures such as implementing firewalls, intrusion detection systems (60% – down from 62% in 2024) and multi-factor authentication (MFA) to enhance login security (56% – down from 58% in 2024) all remain high within their top five practices, despite these slightly decreasing this year.
Collaboration is emerging as a key pillar of cyber defence with one in two, who ranked sharing of best practices and information on data breaches between organisations, businesses, law enforcement and the government (54% – up from 51% in 2024) and encryption of sensitive data (50% – down from 55% in 2024) within their top five.
Regular software patching and cybersecurity awareness training remain priorities for IT leaders, with 48% ranking software updates (down from 50% in 2024), and emphasising employee training among the top five most effective defenses against cyberattacks (47% – down from 57% in 2024).
However, despite its critical role in strengthening the human firewall, investment in cybersecurity awareness training (57%) has seen a notable decline from 64% in 2024, raising concerns about potential vulnerabilities as cyberthreats continue to evolve.
Regular security audits and assessments (46% – up from 40% in 2024) and seeking advice and collaboration with cybersecurity experts or external consultants (43% – up from 38% in 2024) remained the least likely practises Singaporean IT decision makers ranked within the top five beneficial ways they perceive protect their organisation from cyberattacks.
“With Singapore now ranking as the world’s third most digitally competitive economy, it has also become a prime target for increasingly sophisticated cyberthreats, making it crucial for organisations to stay ahead by continuously updating their AI-driven security systems and defense software,” said Martin Kraemer, security awareness advocate at KnowBe4.
“The most effective defenses will combine machine learning with well-trained employees who can recognise, respond to, and mitigate emerging threats,” said Kraemer. “As AI continues to evolve, businesses in Singapore must strike the right balance – leveraging automation while investing in employee training and awareness to build a truly resilient cyber defense.”
Despite IT decision makers adopting AI powered defense, many are scaling back investment in fundamental security measures.
While overall cyber investment remains high with close to nine in ten respondents (87%) planning to invest in 2025 – consistent with 2024 figures, investment in key areas of cyber defense is seeing a decline.
This year marks a noticeable reduction in funding in the following critical areas:
First, a cybersecurity awareness training program with ongoing and relevant content (57% – down from 64% in 2024, 56% in 2022 and 65% in 2021).
Second, new cybersecurity software offerings (51% – down from 61% in 2024, 54% in 2022 and 57% in 2021).
Third, employee policy changes related to cybersecurity (46% – down from 55% in 2024, 55% in 2022, and 47% in 2021).
Fourth, simulated phishing and social engineering for end users (45% – down from 49% in 2024, 42% in 2022 and 44% in 2021).
And fifth, cybersecurity insurance (39% – down from 50% in 2024, 36% in 2022 and 55% in 2021).
