Singapore firms feel most cybersecure across SE Asia

Larger businesses in Singaporean organisations are seeing the highest cybersecurity risk across the ASEAN region, with 67% of firms seeing high risks, according to the 2023 State of Cybersecurity ASEAN report from Palo Alto Networks.

Securing operations technology (OT), especially for critical infrastructures, remains a top concern as essential services have seen higher disruptive attacks compared to other sectors. 

The report is based on a survey conducted online in April 2023 with 500 corporate IT decision-makers and business leaders. There were 100 respondents each from Singapore, Malaysia, Indonesia, the Philippines, and Thailand.

The types of attacks organisations in Singapore are most concerned with are malware (53%), ransomware (53%), and phishing and spear phishing attacks (52%). 

With the increasing reliance on cloud-based services and applications, local businesses cited that they are most challenged in cybersecurity due to unmonitored and unsecured IoT devices, increasing digital transactions with third parties, and risks from personal devices and home networks. 

While many organisations in Singapore perceive a high risk of cybersecurity threats, they are also the most confident in their adopted security measures (92%). 

Between large and small organisations in the country, the latter felt relatively less confident in coping with cybersecurity challenges due to constrained cybersecurity budgets and relatively weaker in-house cybersecurity talent. 

Confidence in security measures is reflected across the ASEAN region’s industry sectors. However, it is most noticeable in the services (banking and financial) and transport and logistics sectors. 

Steven Scheurmann, regional VP for ASEAN at Palo Alto Networks, said that in response to the ever-changing threat landscape, and the IT/OT integration across industries, Singaporean organisations must strategically consider a unified approach to cybersecurity. 

“Notably, 82% of Singapore-based organisations with OT have a cybersecurity team responsible for overseeing both their IT and OT infrastructure and systems,” said Scheurmann

“To further fortify their security posture, it is imperative to place significant emphasis on cloud security adoption, reinforce IoT and OT security measures, and enhance endpoint protection,” he added. “This teamwork enables organisations to gain a comprehensive view of their security and respond more quickly and effectively to emerging threats.”

Cybersecurity also continues to be a top priority for businesses in Singapore. Similar to last year, 85% of local organisations shared that cybersecurity is discussed at a board level at least quarterly. 

Further, 73% of Singaporean businesses have increased their cybersecurity budget to focus on adopting next-generation security capabilities, acquiring cybersecurity talent, and growing online commerce. 

To fight evolving threats, organisations in Singapore are implementing cloud security adoption (45%), securing IoT and OT (41%), and endpoint protection (39%). 

Organisations are also adopting a combined IT/OT cybersecurity team to have a more comprehensive and holistic view of their security postures for faster response. 

Regionally, AI integration is the top technology businesses across ASEAN are adopting, particularly those in the telco/tech/communications industries. 

This reflects the approach of organisations in Singapore, where 41% are looking into AI integration — including machine learning, predictive analytics, voice recognition, and sentiment analytics — in the next one to two years.