Malaysian companies see lesser financial impact from cyberattacks

Study reveals that only 26% of companies reported severe breach in the past 1 year compared to 50% of companies in the previous year


MALAYSIAN organisations are seeing a decline in financial impacts from cybersecurity breaches, according to Asia Pacific CISO Benchmark Study 2019.

In a statement yesterday, the study reported that there was a sharp decline in the number of companies suffering an impact of more than US$10 million (RM41.05 million) from their most severe breach.

Only 3% of the study’s respondents reported impacts of this amount, compared to 8% a year ago.

The study also added that for 26% of companies in Malaysia, the most severe breach in the past one year, cost them more than US$1 million.

This was noted as a big decline from the previous year when 50% of companies reported the same financial impact or more.

Cisco Malaysia MD Albert Chai said as digital adoption gathers pace in Malaysia, there is an increased awareness of cybersecurity among businesses.

“This is crucial because the success of the digital economy hinges on a large part of the businesses’ ability to tackle cybersecurity risks.

“For companies to be able to do that, security can no longer be an afterthought, it needs to be the underlying foundation of any digitalisation effort. While we are seeing some positive trends, a lot more needs to be done to ensure that businesses are well prepared to tackle any issue on this front,” he added.

The study also revealed that on average, 44% of respondents receive more than 10,000 threat alerts, while 36% said they receive more than 50,000 alerts per day.

However, it noted that although security practitioners in Malaysia are being kept busy, they are getting better at tackling the issue.

Meanwhile, the study also found that Malaysian organisations are facing longer downtimes due to cyber breaches.

Among the respondents, 27% experienced a downtime of 24 hours or more after their most severe breach in the past one year, compared to just 4% globally and 23% in Asia Pacific.

Malaysia’s number is also a huge increase from 2018, when only 9% of organisations in the country suffered downtime of 24 hours or more.

In addition, 35% of Malaysian companies used more than 10 security vendors, which adds complexity for security professionals.

Cisco cybersecurity director for Asean Kerry Singleton said complexity due to a multivendor environment and the increased sophistication of businesses with operational technology networks and multi-cloud adoption continue to challenge security practitioners in Asia Pacific.

“As organisations look to reduce the impact of cybersecurity breach, they need a simplified and systematic approach to security in which solutions act as a team, and learn, listen and respond as a coordinated unit.

“One way for organisations to simplify security is by considering a Zero Trust approach which looks at security in three key areas namely workforce, workload and workplace,” he said.

Among the top reasons barring Malaysian companies from adopting an advanced security technology are organisational culture (43%), budget constraints (38%) and lack of awareness (38%).

The study was done by surveying close to 2,000 security leaders across 11 countries in Asia Pacific.

This includes leaders from organisations of 100 to 499 employees to large enterprises and the public sector.