Nearly half of all Asia Pacific corporates have experienced a cybersecurity threat over the last 12 months according to research, Vulnerabilities and priorities for Corporates in Asia Pacific, by SWIFT and East & Partners Asia.
The report notes that cybersecurity is the main risk and compliance concern for corporates in Asia Pacific. But only 15 per cent of corporates in the region say they are certain that they have not experienced a cybersecurity threat over the past 12 months. This figure fell to 12.1 per cent for Taiwan corporates and rose as high as 31.5 per cent in the Indonesian market – as shown in the report's graph below:
The biggest impact of a cybersecurity breach is monetary loss – suffered by a third of corporates in Asia Pacific that fall victim to a cyberattack. And the corporates that reported a cybersecurity breach over the past 12 months said that the most common methods used in the attack were malware and spyware. The report found that phishing, a technique used by criminals to gain access to sensitive dat by impersonating communication (usually an email) from a trusted source, is more prevalent in more developed markets. Around 40 per cent of corporates in Australia reported experiencing phishing attacks, compared to under 20 per cent for Indonesian corporates.
Cost of cybercrime to double by 2021
It also cites figures provided by research firm Cybersecurity Ventures, which estimate that global annual cybercrime costs will double from USD$3 trillion in 2015 to USD$6 trillion by 2021. Spending on cybercrime prevention is also forecast to exceed USD$1 trillion over the next five years.
CTMfile take: This research highlights that there's quite a big difference between knowing that you've been hacked and being sure that you haven't. Surprisingly, many companies cannot say for sure that they haven't had a cybersecurity breach in the past 12 months. But as recent news on further corporate data breaches show, this is an area where corporates really need to focus their resources.
Don’t do an Uber; prepare for the aftermath of a data breach
Few corporates are confident of their ability to detect sophisticated cybercrime but a strategy to respond to a data breach and comply with legal obligations should be part of every corporate plan
Actions for next week: Cybersecurity - How to protect yourself from The Human Factor
All the technology in the world won't protect you from 'staff leaving gate unlocked'. Complete set of policies backed by procedures to protect department are needed
53% of companies would change a third-party relationship if risk was too high
High-profile cyberattacks and new cybersecurity-related regulations are changing the way companies are viewing not only their own cybersecurity risks, but also those of third parties