Despite an acceleration of digital transformation across Asia Pacific (APAC), 65 per cent of organisations remain held back by an inability to prioritise cyber security.
That's according to findings from Frost & Sullivan - in a report commissioned by Forcepoint which found that the majority of businesses do not take cyber security seriously while embarking on digital projects.
However, the report also found that the majority of customers (72 per cent) do conduct regular breach assessments to protect themselves against cyber attacks, but 55 per cent still remain at risk.
Delving deeper, cloud was cited as a key component of digital transformation - 69 per cent of respondents have adopted cloud - but most businesses think cyber security is the responsibility of their cloud service provider.
“It is clear from this study that many APAC organisations are on the back foot when it comes to enterprise cyber security in the borderless organisation,” said Kenny Yeo, industry principal of APAC at Frost & Sullivan.
“Security leaders need to look beyond perimeter security, leverage automation, and have a better grasp of the psychology of both cybercriminals and their business users.
"Incorporating behaviour modelling into their IT security architecture is certainly a way to identify potential risks and fend off cyberattacks."
With 35 per cent of regional businesses suffering at least one cyber security incident in the last 12 months, cyber security defence measures are simply not sufficient enough.
However, 95 per cent of customers see value in digital transformation, having embarked on the journey of digitally transforming their organisation, adopting technologies such as cloud, mobility, Internet of Things (IoT), artificial intelligence (AI) and machine learning (ML).
Despite this, 65 per cent see cyber security seriously hampering the successful execution of digital transformation projects.
The report found that regional businesses did not consider cyber security when designing digital transformation projects, instead 83 per cent only considered cyber security after the projects had begun.
“Organisations today need to urgently to embrace 'secure-by-design' into their digital transformation projects,” said Alvin Rodrigues, senior director and security strategist at Forcepoint Asia Pacific.
“Adopting a behaviour-centric security approach that focuses on understanding users’ behaviour on the network and within applications to identify behavioural anomalies can mitigate cyberattacks before they happen."
Market misconceptions
Furthermore, the report found that there are still serious misconceptions around security in the cloud, with 54 per cent of respondents believing that their cloud service provider should take full responsibility for protecting the business.
Whereas, what usually happens is security and compliance are the shared responsibility of both the organisation and the provider. Consequently, such a misconception is resulting in a higher number of cyber attacks.
As more digital technology is built into business like cloud and mobility, it is opening each organisation up to more threats.
Data exfiltration, impersonation - both theft of digital identity and online brand impersonation - loss of intellectual property and malware infection emerged as the top security blind spots for organisations rolling out digital transformation.
These five incidents, the study states, have high levels of business impact and long recovery times.
