Upgrade Magazine


Almost 9 in 10 business leaders in Phl see cybersecurity as top priority in COVID-19 recovery

Organisations in Philippines expect increased technology budgets to support accelerated digital transformation in today’s new business normal, according to the latest CrowdStrike 2020 APJ State of Cybersecurity Report.

Photo by Dhaval Parmar from Unsplash.com

Despite the severe economic downturn, organizations in Philippines expect increased technology budgets to support escalated digital transformation in today’s new business normal. Among business leaders in Philippines who believe that there should be more investment in remote working, 86 percent list the enhancement of cybersecurity measures as a top priority. Further, despite a grim economic outlook, 81 percent of local business leaders expect technology budgets to increase.

Many organizations have experienced digital transformation at an unprecedented pace and scale across business segments and operations, as they have quickly moved to mass remote working arrangements during COVID-19 to survive. Forty-six percent of local business leaders surveyed said the pandemic accelerated their move to cloud solutions, while nearly all (95 percent) say COVID-19 has changed the way they interact or deliver products and services to customers.

These results indicate a strong shift and rapid investment into transformation projects that move from traditional on-premises security solutions to next generation cloud-native solutions as organizations look to protect today’s distributed workforce and digitally driven business models.

Seventy-six percent of local business leaders believe that their organizations should increase investment in cybersecurity software over the next six months. As cybersecurity is front of mind for budget allocation, many respondents have recognized that COVID-19 has resulted in a massive increase in cyber-threat behavior.

CrowdStrike observed an increase in electronic crime (eCrime) activity – up by more than 330 percent since the start of 2020, as compared to the same period in 2019. As local business leaders look forward and put the initial shock of the pandemic behind them, the issues of solidifying secure digital transformation, prioritizing and assigning budgets to the most critical areas – including cybersecurity training and protecting new supply chains, will need to be addressed.

“The COVID-19 pandemic may have had the biggest impact on the way organizations operate since the introduction of office PCs. The reaction of business leaders has been impressive, but the speed and size of change to a remote workforce has led to some inevitable gaps, particularly in the cybersecurity of organizations,” said Sherif El Nabawi, Vice President, Engineering, APJ, CrowdStrike. “Our research findings show that respondents understand these gaps and expect to address them during business recovery, going beyond ‘good enough’ security measures to ensure their employees remain secure against sophisticated threat activity – regardless of where they are located. In the new business normal, it is then vital to implement solutions that can be quickly deployed at scale to detect new threats, adhere to new regulations, and leverage the cloud so they can be easily and remotely managed.”

Other findings for Philippines from the Report include:

  • 3 in 4 of business leaders in Philippines consider cyber-attacks to be among the top three threats to their business over the next six months, even more so than current trade tensions and climate change. With the top two concerns across the board being economic conditions (81 percent) and new waves of COVID-19 infections (85 percent), cybersecurity remains business-critical.
  • The top cybersecurity challenges expected in the next 18 months include remote workforce (70 percent), new regulation (66 percent) and costs of compliance (60 percent) with limited budgets (57 percent) and legacy infrastructure (54 percent) ranking not far behind.
  • While most organisations in Philippines have changed their IT environments to accommodate remote workers, 37 percent still have not changed their security programs due to COVID-19, potentially exposing their organisations to cyber risks from new and more sophisticated attacks.
  • As a result of working from home, 65 percent of local business leaders are concerned about a potential cyber-attack on their organisation in the next six months.

·Forced to adapt and implement remote working arrangements due to public health concerns, 81 percent of local business leaders acknowledge that having a distributed workforce is a practical option moving forward. They now believe that it is possible for a workforce to collaborate and work together, regardless of where they are.

·38 percent of respondents in Philippines have their personal mobile devices connected to their organizations’ IT infrastructure when working from home, which means that an individual’s compromised personal device could jeopardize their employer’s corporate network.

·Employee education and communications are key to a successful cybersecurity strategy, yet 22 percent of local business leaders do not know what to do in the event of a data breach. 42 percent of local respondents also have not received communications about COVID-19 themed malware and 40 percent have not received additional security training. Moving forward, 91 percent of local business leaders say they plan on additional security training in the future.

  • As organizations in Philippines look to the new normal, 79 percent of local business leaders believe that their organizations should invest more in building a remote work environment.

“Remote work is expected to continue for some time, and we might not even return to the past of having employees in the office for the entire workweek. Organizations must therefore update their cybersecurity policies to factor in remote or hybrid working. This includes planning for the use of personal devices, secure access for Bring Your Own Device (BYOD) on corporate networks and leveraging VPNs to protect sensitive data accessed through insecure Wi-Fi. Keeping employees educated on cyber-threats brought about by remote or hybrid working situations and educating them on cyber hygiene are important for minimizing exposure,” said El Nabawi.

“We also recommend that organizations remain well-prepared, with crisis management and incident response plans that can be easily executed at a moment’s notice through effective remote collaboration tools. Lastly, having cloud-native cybersecurity technology for advanced endpoint detection is crucial, so organizations’ cybersecurity teams can centrally isolate and remediate any threats that emerge from an employee’s device or personal network, well before the threat can break out of its initial beachhead and proceed to infect other users or systems throughout the entire network,” added El Nabawi.

To Top