Most Singapore firms unable to address breaches within 24 hours

Firms are accelerating digital transformation projects to support remote work as the pandemic as attackers seize on vulnerabilities in these environments, creating more work and larger budgets for security teams, according to Infoblox.

This is based on a survey conducted by the Business Intelligence Unit of CyberRisk Alliance, commissioned by Infoblox and covering 100 respondents in Singapore.

The survey is part of a global report that also covered 1,000 other respondents in the United States, Mexico, Brazil, the United Kingdom, Germany, France, the Netherlands, Spain, United Arab Emirates, and Australia.

Findings from Singapore  show that the country reported one of the lowest response-time rates among respondents in the global survey. Less than half of Singapore organisations (49%) said they were generally able to respond to a threat within 24 hours. 

This presents an opportunity for cybersecurity professionals to improve their threat intelligence capabilities. Unfortunately, challenges such as poor network visibility (32%), shortage of IT security skills (32%), and funding (28%) are most likely to hamper Singapore organisations’ threat detection efforts going forward.

Firms in Singapore saw higher rates of security incidents and breaches (65% experiencing six or more) compared to other countries (21%). A large majority (73%) reported their organisations’ IT security incidents resulted in a breach. 

Among those that suffered a breach, respondents reported that the most likely culprits were a cloud infrastructure or application (45%), an IoT device or network (42%), or remote, employee-owned endpoint (32%).

Also, workers in Singapore workers continued to fall for phishing scams. Phishing attacks accounted for 68% of breaches reported in the past 12 months in Singapore, followed by ransomware (59%) and APTs (57%).

Singapore organisations are most concerned about their vulnerabilities in defending against data leakage, ransomware, and remote-worker compromises. The loss of direct security controls and network visibility has 51% of Singapore organisations most concerned about data leakage. Up to 42% worry remote connections will come under attack, including by those behind ransomware, while (35%) are concerned about networked IoT attacks. 

Most Singapore organisations are putting more resources toward cloud, data, and network protections, with 73% reporting an increase in IT security budgets in 2021, and 69% expecting their budgets to increase in 2022. 

Data encryption (37%) and cloud access security brokers (36%) are the most popular cloud-based investments.

Further, interest in Secure Access Service Edge (SASE) frameworks in Singapore is accelerating, with 61% of organisations having already partially or fully implemented SASE. Another 29% has plans to do so, through either one vendor (44%) or many (56%).

“With Singapore’s high rate of security breaches and slow response rates, cloud-first networks and corresponding security controls have gone from nice-to-have features to business mainstays,” said Alvin Rodrigues, field chief security officer, Asia Pacific, Infoblox.