Organisations in the Asia-Pacific region are taking longer than nine hours to address an email security breach have a 79% chance of also being a victim to ransomware.
This is according to a report from Barracuda. It is based on research done by Vanson Bourne, which surveyed 2,000 IT and security leaders globally — including 600 respondents from across the region.
Half of APAC respondents come from APAC organizations with more than 200 employees.
The report reveals that most (77%) of the APAC organisations surveyed had experienced an email breach in the previous 12 months. The average cost to recover reaches US$224,094, and nearly all respondents (97%) reporting tangible or intangible impacts ranging from downtime to reputational harm.
Within APAC, brand and company reputation damage (40%), business disruption (40%), and loss of employee productivity (39%) are the top three consequences of a breach, underlining how far-reaching the effects can be beyond immediate financial loss.
The survey also shows that despite the need for rapid incident detection and response; many companies struggle to achieve this.
Nearly half (46%) of APAC respondents say that email threats are becoming harder to detect due to advanced evasion techniques, while 47% attribute delays to the lack of automated incident response to identify and contain attacks efficiently.
A further 40% note a shortage of skilled security staff as a limiting factor.
“Email security is no longer just about stopping spam or mass phishing — it’s about preventing the first domino from falling in a cyber threat chain that could end in operational paralysis, data loss, reputational damage and longer-term business impacts,” said Neal Bradbury, chief product officer at Barracuda.
Bradbury said the ability to detect and neutralise email incidents is often hampered by increasingly complex and evasive attacks, internal skills shortages, a lack of automation, and more.
“A unified approach to protection centred on a strong integrated security platform is vital,” he said.
Mark Lukie, director of solutions architects at Barracuda APAC, said that across Asia-Pacific, they’re seeing organisations face the dual challenge of increasingly sophisticated email threats and a shortage of skilled security professionals to manage them.
“Many businesses still underestimate how quickly an email breach can escalate into a much larger incident, such as ransomware. Speed and automation are crucial — yet almost half of APAC respondents still rely heavily on manual processes,” said Lukie. “Building cyber resilience means investing not just in technology, but also in visibility, training, and coordinated response capabilities that allow teams to act fast when it matters most.
