Sapsiwai - Fotolia
Firms in the Asia-Pacific (Apac) region now view cyber security measures as a contributor to business growth, rather than just a means to contain security breaches and meet regulatory requirements.
According to a survey by CA Technologies and research agency Coleman Parkes, 87% of 1,770 senior business and IT executives said security has enabled their organisations to enter new markets and deliver services in new ways. Almost 800 of the respondents were from Apac countries.
Among Apac respondents, 64% were categorised as basic users of identity-centric security, with a focus on core capabilities such as password management, single sign-on and some analysis and reporting.
While all Apac respondents saw business improvements from their security initiatives, advanced users generally reported more significant results, particularly in customer experience, business operations and security.
Also, the most advanced users of identity-centric security in the region who have seen a decline in security breaches have been more proactive in preventing them through increased investment (86%), focusing on mobile devices and apps (82%), implementing strong setup authentication (73%), and focusing on high-risk areas such as privileged identities and access (68%).
Nick Lim, vice-president, Asean and Greater China at CA Technologies, said it was important for businesses to view security as a business enabler that drives value and new revenue streams, rather than just a form of control.
“Security lays the foundation for trusted relationships and is integral to successful digital transformation,” he said.
The current IT threat landscape is becoming increasingly sophisticated, with well-funded attackers now using automation and big data tools to seek out and identify soft targets.
Against this backdrop, IT security has become a top-of-mind concern for top executives in the Asean region, which has seen a number of high-profile attacks.
Nick Lim, vice president, Asean and Greater China, CA Technologies
In 2014, more than 1,500 users of Singpass – Singapore’s authentication system that enables citizens and residents to log on to government e-services – had their user names and passwords compromised.
And in June 2016, cyber security firm Kaspersky reported that more than 2,100 servers in Malaysia may have been compromised. The country’s cyber security agency said it had been detecting the intrusions for years, but its advisories were ignored by the victims.
According to IDC, the IT security landscape in Southeast Asia is quite varied in terms of maturity, impact, and the legislation that typically drives IT security investments.
For example, about three-quarters (72%) of the 106 Malaysian organisations that took part in IDC’s IT Security MaturityScape survey said they were still in the early stages of IT security maturity.
Sherrel Roche, senior market analyst for services research at IDC, said: “Some markets in the region still lack compelling and enforced legislation, which leaves IT security teams with the paradox of having to secure the environment when the C-suite are not prepared to fund or staff it sufficiently.”