CISOs in Singapore and Australia not keeping pace with data breaches

Three-quarters of chief information security officers (CISOs) in Singapore and Australia are highly concerned that data breaches are not being addressed, with 71% worried about their ability to detect breaches in the first place.

And just 20% of executives in both countries say their organisations are highly effective at preventing security breaches.

These findings were revealed by enterprise cloud service supplier ServiceNow, which commissioned Oxford Economics to poll 300 CISOs around the world, including 50 from Singapore and 50 from Australia, about their strategies to navigate the challenging cyber threat landscape.

The problems faced by CISOs in Singapore and Australia in guarding against cyber threats are often blamed on a lack of resources. This has had consequences – 66% of respondents in Singapore and 72% in Australia have been unable to prioritise alerts based on the importance of data.

To address the issue, ServiceNow said CISOs in the two countries were planning to turn to security automation. Just over one-third of respondents in both countries currently automate more than 40% of their security processes, and two-thirds (66%) plan to do so within three years.

And when it comes to automation, the fastest growth will happen in threat intelligence research, aggregation of alerts from multiple security tools, and contextualising alerts based on business criticality, according to ServiceNow.

Even with automation, organisations in Australia and Singapore are not about to scale back on developing the necessary cyber security expertise. In fact, a majority of CISOs cited skilled talent, upskilling and talent retention as the most important elements to the success of their security functions.

According to the study, Singapore is also more focused than Australia on talent-related goals. More than 90% cited attracting and upskilling talent as important, compared with 80% in Australia. Some 92% of Singaporean respondents also cited the importance of retaining talent, compared with 76% in Australia.

Jimmy Fitzgerald, vice-president and general manager at ServiceNow Asia Pacific and Japan, said the survey findings showed that CISOs needed to focus on the entire process of the security response.

“CISOs must start automating and prioritising security tasks based on business criticality to ensure that threats are detected and dealt with more quickly and more efficiently,” he said.

While cyber security experts have hailed the benefits of security automation, they have also warned that it requires careful management, monitoring and governance to manage business risks effectively.