State of cyber security in APAC
As the nature of business and work evolves to become more digital, companies are not sufficiently equipped to identify and remedy the unique cybersecurity challenges that are prevailing in the current digital age. This has been reaffirmed by a recent survey of Asian IT professionals undertaken by Synopsys, a leading software company. A total of 251 IT professionals from the APAC region were surveyed at the GovernmentWare (GovWare) 2018 conference to understand the challenges faced by the industry professionals. The 27th edition of the GovWare conference was held in Singapore earlier this year from September 18 to 20.
Cyber Security Is a Prominent Threat: A majority of those who participated in the survey felt that their company was in the high or medium risk for a cybersecurity attack. Threat/breach detection (49%), protecting data and IP (36%), and regulatory compliance (14%) were the top security concerns among them.
Challenges for IT Businesses: 36% of the respondents feel customer-facing web applications pose the biggest security challenge for businesses and IT professionals. These were followed by internal-facing web applications (26%), mobile applications (25%), desktop applications (24%) and embedded and IoT systems (16%).
Companies Are Better Prepared: 71% of those who participated in the survey said that their company has a response strategy in place if a cybersecurity breach occurs. This figure was 66% in the last year’s survey. 13% reported to not having any strategy in place, whereas 16% were unsure of the same.
Dearth of Talent and Budget for Cyber Security: There is a shortage of skilled security professionals, as 56% of the respondents stated the same to be the biggest roadblock to implement an application security program. Other factors responsible are little or no budget (18%) and lack of management buy-in (17%).
Importance of Training: 83% of the respondents admitted that they have received some form of mandatory or ad-hoc cyber training in their company. This means that organizations have already had the realization regarding the importance of training and developing their security personnel.
Risk from Open Source Software Solutions: Only 43% of those surveyed said that their organization has an established process for inventorying and managing open source software; 30% replied that their company has none. Another 27% reported to not using open source software at all.
Geok Cheng Tan, managing director of Asia Pacific at the Synopsys Software Integrity Group says, “It is not surprising that web and mobile applications continue to pose such a major challenge to businesses in the Asia Pacific region, as they often process highly sensitive information and cyber-attacks targeting them are growing in sophistication. With an escalating number of cybersecurity incidents large and small, it is increasingly clear that software development life cycles (SDLC) have to be not about pushing software quickly to market, but building software quickly and securely.”
The results of the survey indicate that employers and leaders need to give due attention to the cybersecurity challenges that exist today. The fact that the challenge is multi-faceted and growing stronger needs to be duly identified and suitable response strategies need to be developed. The issue is compounded by the fact that there is a lack of skilled professionals in the domain, and that training is a critical component of the profession. For HR leaders and training professionals, this presents a unique opportunity to solve a critical business challenge and help organizations become more agile.