Almost half (46%) of Singaporean IT decision makers believe their IT infrastructure is highly resilient and almost all ( 97%) think their current cyber resilience measures are effective, according to a global survey from Zscaler.
Conducted by Sapio Research in December 2024, the study covered 1,700 IT decision makers across 12 markets — Australia, France, Germany, India, Italy, Japan, The Netherlands, Singapore, Spain, Sweden, the United Kingdom & Ireland, and the United States. Respondents work at companies with more than 500 employees and across industries.
Despite such a level of confidence, two-fifths (40%) of Singaporean IT leaders haven’t reviewed their cyber resilience strategy in over six months, and only 55% report their strategy is up-to-date in preparation for modern attacks in response to the rise of AI–showing a disconnect between the level of confidence and taking action.
Respondents in Singapore indicate that a majority of leaders understand the growing importance of having a robust cyber resilience approach, but only a minority (42%) believe it is one of their leaders’ “top priorities.”
This prioritisation is reflected in the amount of budget assigned to cyber resilience strategies, with 53% of the respondents agreeing that the level of investment doesn’t meet the escalating need.
From a total cost of ownership perspective, this suggests that spending additional funds on a legacy security model that isn’t working requires a new approach which can be accomplished with zero trust.
This is also evidenced by the lack of cyber resilience involvement from leadership. For most organisations, the burden of cyber resilience planning falls on IT leaders and their teams.
Half of IT leaders in Singapore say they have the CISO, for example, actively participating in any resilience planning. Moreover, Further evidence of cyber resilience being siloed is the fact that only 35% of IT leaders say their cyber resilience strategy is included within their organisation’s overall resilience strategy.
“Cyber resilience is foundational to overall business resilience, and outdated firewalls and VPNs allow persistent attacks, making a zero trust architecture crucial for defending against advanced threats,” said Jay Chaudhry, CEO, Chairman and Founder, Zscaler.
“Leadership must collaborate with IT teams to develop a strong cyber resilience strategy based on Zero Trust, preparing for and mitigating the impact of sophisticated AI-driven attacks,” said Chaudhry.
The study found that The majority (65%) of IT leaders in Singapore believe their organisation overly prioritises prevention – with splits showing that over two fifths (43%) of cyber security strategies and budgets are focused on prevention, at the expense of response or recovery.
Zscaler said this suggests that most organisations are not prepared for what would happen if a failure occurred and would struggle to recover business operations as quickly as needed.
Even among those organisations focusing their efforts on prevention, fewer than half are deploying each of the following proactive security tools to contain the blast radius of cyberattacks and mitigate further damage: risk hunting (41%), Zero Trust micro segmentation (45%,) and deception technologies (39%).
“Singapore’s position as a global and regional digital hub makes it a prime target for increasingly sophisticated cyber threats, including AI-driven attacks. As the nation accelerates its digital transformation, the expanding attack surface presents a critical challenge,” said Sanjay Yadave, Vice President and Managing Director, Greater Asia at Zscaler. “To maintain its leadership in the digital economy, Singapore must prioritise cyber resilience.
