Top cybersecurity trends ASEAN businesses should be aware of in 2022

Region sees increased focus on cyber protection

Top cybersecurity trends ASEAN businesses should be aware of in 2022


By Mark Rosanes

With the pandemic-fuelled disruption prompting many businesses in major Southeast Asian markets to accelerate their digital transformation, cybercriminals are also capitalising on the situation to gain access and steal sensitive information.

But as ASEAN companies make giant strides toward improving their digital technologies, they are likewise expecting the frequency of cyberattacks to intensify – that is why most of them are coming in well-prepared.

Recent research from Palo Alto Networks has found that for an overwhelming majority of organisations in the region, cybersecurity has become among the top priorities of their business leaders.

The global cybersecurity firm surveyed 500 respondents representing businesses from some of the ASEAN’s top markets – namely Singapore, Malaysia, Indonesia, the Philippines, and Thailand – on how they dealt with cyber challenges last year and their outlook for the future.

The findings revealed how the disruptions brought about by the COVID-19 pandemic changed the way they handled business operations and the measures they took to protect themselves from cyberattacks. Here are the biggest cybersecurity trends the report identified that ASEAN businesses need to be aware of in light of the pandemic-induced shifts.  

1. Cybersecurity has risen to the top of the leadership agenda.

A vast majority (92%) of respondents said cybersecurity should be a top priority among ASEAN businesses, with almost three-fourths (74%) believing that their leadership has increased focus on cyber protection. This is reflected in the frequency of board-level discussions regarding cybersecurity issues, with nearly half (46%) of companies having meetings every quarter and more than a third (38%) conducting them monthly.

Survey results also showed that business leaders were taking concrete measures to bolster their companies’ cybersecurity capabilities, with almost all (96%) of respondents saying that their organisations have a dedicated in-house IT team to manage their cyber risks. Additionally, more than two-thirds (68%) of those interviewed said plans were in place to increase their cybersecurity budgets, with the goal of adopting next-generation security technologies (48%), addressing existing cybersecurity gaps (46%), and optimizing operations (44%).

“The pandemic has served as a catalyst for ASEAN business leaders to sit up and pay greater attention to their cybersecurity defence measures,” said Ian Lim, field chief security officer, Palo Alto Networks. “Many are recognising the deep impact it can have on their business continuity.”

2. Transition to remote work has given rise to new cybersecurity challenges.

The restrictions put in place during the pandemic meant that businesses needed to transition quickly to remote work, which many companies did not have the proper infrastructure for. The situation has unsurprisingly resulted in a new set of cybersecurity challenges.

The three biggest issues, according to respondents, were the increase in digital transactions with suppliers and other third parties (54%), the need to procure a wider range of cybersecurity products to protect them against cyber threats (54%), and unmonitored and unsecured IoT devices connected to the corporate network (51%). 

The majority (94%) of ASEAN businesses also saw a rise in the volume of cyberattacks, with close to a quarter (24%) saying the number of disruptive attacks has jumped by half. Because of this, nine out of 10 companies have evolved their cybersecurity strategies to stay protected. More than half (54%) of respondents said they do this by utilising cloud security, which was the top measure, followed by IoT/OT security adoption at 46% and access management at 45%.

“To manage today’s remote workforce in a digital-first environment, cybersecurity must be integrated horizontally across all facets of the business and considered as part of every corporate action,” Lim said.

3. Financial institutions have become prime targets but feel best-prepared against cyberattacks.

About half (45%) of financial services companies and 42% of fintech firms perceived themselves to be most at risk of cyberattacks – the highest among all industries covered. However, business leaders in these sectors were also the most confident when it came to cyber protection.

According to the survey, this confidence may have stemmed from having “a higher focus” on cybersecurity, which was reported by 79% of financial services and 76% of fintech respondents – figures that were above the average of 74%. Cybersecurity budgets have also increased the most for organisations in financial services (81%) and fintechs (75%), compared to the 68% average.

4. Businesses believe cyberattacks will have a huge impact on personal safety.

As work and leisure activities increasingly shift toward digital channels, ASEAN business leaders believe that people should pay attention to how cyberattacks impact their personal safety. This comes as more than half of companies have sped up their digital transformation by boosting investment in mobile applications (58%), expanding their remote workforce (57%), and widening their online footprint through smart devices (57%).

The report also laid down some recommendations to help Southeast Asian businesses protect against cybersecurity threats. These are:

  • Conducting cybersecurity assessment to better understand, control, and mitigate risks. This will help organisations to prioritise countermeasures and identify where resources are needed to defend against sophisticated attacks.
  • Adopting a zero-trust framework to address the cybersecurity threats of today and design architecture with an “assume-breach” mindset.
  • Deploying technology to continuously validate the legitimacy of digital interactions and establish rapid response capabilities to quickly address the early signs of a breach.
  • Choosing a partner not a product. A good cybersecurity partner can provide the latest threat intelligence and offer practical advice on how to build a cyber resilient architecture across all environments (e.g., on-premises, cloud, edge).

“As new and unexpected threats continue to shake up businesses of all sizes and industries, there needs to be closer collaboration between both technology and business leaders to tackle these novel challenges,” Lim said.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!