Sophos announced the findings of its report, The Future of Cybersecurity in Asia Pacific and Japan – Culture, Efficiency, Awareness, which reveals that the success of an organisation’s cybersecurity investment lies in more than buying technology, with corporate culture, employee education and path-to-purchase playing a critical role.
Across the Philippines, the majority (64 percent) of business decision makers believe lack of security expertise is a challenge for their organization, with 62 percent observing recruitment of skills to be a struggle. This comes down to the set-up of cybersecurity within organizations, which commonly sees IT staff tasked with security in addition to their other responsibilities.
There is also a wider cultural issue, relating to attitude and behavior, impacting corporate cybersecurity. In fact, 78 percent of organizations in the Philippines believe the biggest challenge to their security in the next 24 months will be improving cybersecurity awareness and education among employees and leadership.
Drivers of change
Three in four (77 percent) organizations anticipate their use of external security partners to rise over the next 12 months. Organizations are increasing their number of partners in a bid to manage phishing, malware and ransomware threats, which were all highlighted as growing concerns by survey respondents.
However, the majority (84 percent) of organizations in the Philippines are satisfied with their main security providers. As expected, organizations are most likely to consider new cybersecurity solutions or strategies after serious attacks or breaches, or to better support adoption of new technologies, products or services, according to the survey. They are also most likely to make changes to support regulatory or corporate compliance changes after a cybersecurity incident.
The role of the IT channel
Right now, organizations in the Philippines most commonly engage vendors for point solutions in traditional outsourcing/licensing contracts. However, in the next 24 months, organizations predict they will engage vendors and service providers on multi-year contracts for holistic solutions and licensing contracts – suggesting that the channel has a expanding role to play in businesses.
There is a growing requirement by organizations in the Philippines for the channel to do even more. One in three (35 percent) respondents want partners to demonstrate that they understand their business, and a further 43 percent are looking for partners to provide comprehensive end-to-end support.
“Security is hard. We all know it. Sophos’ survey highlights the constant challenge presented by the evolving security landscape and never-ending search for skills and best practices to help organizations overcome these threats. What does it really mean to ‘be secure’? Ultimately, security is about managing risk. To do that effectively, IT managers must be able to identify key areas where their team’s actions will have an outsized impact on protecting their organization, employees and the data their company has been entrusted with,” said Chester Wisniewski, principal research scientist, Sophos.
Gavin Struthers, regional vice president for Asia Pacific and Japan, Sophos, said, “This research highlights the everyday struggles of organizations across APJ. Huge gaps exist in finding security expertise and in staying up to date with technology, and this represents a massive opportunity for the channel. To stay relevant, channel partners are encouraged to become more cybersecurity savvy while also passing on the expertise they learn from their trusted security vendors to their customers. Educating customers about best practices, about people and process, is just as important as leveraging innovative technologies to improve their organization’s security posture.”
About this research
Sophos commissioned Tech Research Asia (TRA) to undertake this research into the Asia Pacific and Japan cybersecurity landscape. This includes a major quantitative survey where a total of 900 responses were captured with 200 each in Australia, India and Japan and 100 each in Malaysia, Philippines and Singapore. In addition to this, TRA captured qualitative insights from five executive roundtable events in Australia (2), India, Japan and Malaysia.