Digital transformation is accelerating among organisations but progress in 65% of the firms is hindered by cybersecurity vulnerabilities, found a joint study conducted in the Asia-Pacific by cybersecurity provider Forcepoint and business consulting firm Frost & Sullivan.
People from over 400 organisations across Australia, Hong Kong, India and Singapore took part in the study. The firms hailed from industries like financial services, telecom, manufacturing, energy & utilities, retail, education and healthcare.
Most organisations (65%) acknowledged that rising cyberattacks have hampered the execution of their digital transformation projects. The study also found that 83% of the organisations did not consider cybersecurity until after their digital transformation projects were underway.
Cloud technology is assuming a key role in digital transformation but the study found that 54% of organisations think cybersecurity is the responsibility of their cloud service providers. This belief, according to the study, has led to escalation in cyberattacks. On a country level, India (69%) and Australia (63%) firms were found to be most vulnerable to cyberattacks. Last year, a study conducted by Frost & Sullivan found that a large organisation in India, on average, incurs an economic loss of $10.3 million from cyberattacks.
A joint statement by Forcepoint and Frost & Sullivan said that security and compliance are a shared responsibility between the organisation and the cloud service provider and that this misconception regarding responsibility of security in the cloud renders organisations vulnerable to cybersecurity threats.
The study found that 95% of respondents have embraced frontier technologies, adopting emerging technologies including cloud computing, mobility, internet of things (IoT), artificial intelligence and machine learning, indicating increasing confidence among Asia-Pacific organisations in digital technologies.
However, the study also finds that most respondents do not consider cybersecurity while embarking on digital transformation projects. Existing cybersecurity measures are not proving adequate to protect organisations from cybersecurity threats as findings suggest that 35% of Asia-Pacific firms suffered at least one cybersecurity incident in the last 12 months.
“Organisations today need to urgently embrace ‘secure-by-design’ into their digital transformation projects,” said Alvin Rodrigues, senior director and security strategist at Forecpoint Asia-Pacific. “Adopting a behaviour-centric security approach that focuses on understanding users’ behaviour to identify behavioural anomalies can mitigate cyberattacks before they happen,” added Rodrigues. Earlier this year, Forcepoint had launched a new division called X-Labs to develop expertise on behavioural-intelligence innovations.
Seventy two per cent of the organisations were found to have conducted breach assessments to protect themselves against cyberattacks at least once per quarter. Despite the readiness, the study finds that 55% of the organisations were still at risk.
“Security leaders need to look behind perimeter security, leverage automation and have a better grasp of the psychology of both cyber criminals and their business users,” said Kenny Yeo, industry principal, Asia-Pacific ICT, Frost & Sullivan.
The study reveals the impact of digital transformation on each organisation’s risk posture. As digital technology like cloud and mobility become an increasingly integral part of businesses, it opens them up to more threats. Data exfiltration, impersonation, malware infection and loss of intellectual property emerged as the top security blind spots for organisations embracing digital transformation in their functioning.