In a new survey on cybersecurity, 71 per cent of Hong Kong respondents say cyberattacks have become more sophisticated, yet the biggest barriers they face in combatting cybercrime are keeping up with available security solutions and the lack of security professionals. This and other findings were revealed in "The State of Cybersecurity in Asia-Pacific" by Palo Alto Networks.
Mirroring Hong Kong, nearly half (46 per cent) of all companies surveyed across the Asia-Pacific region said they were unable to keep up with evolving cybersecurity solutions. On the other hand, 54 per cent of respondents in China cited this as the primary barrier to ensuring cybersecurity at their organization and cited external users as the second-biggest challenge.
The survey also covered the sensitive subject of monetary loss due to cyberattacks in the period covering fiscal year 2016-17. Disturbingly, 69 per cent of Hong Kong respondents said they had been financially impacted, with two companies stating they had each suffered a loss of HK$7.8 million (US$1 million) or more. Apart from money, Hong Kong business said they feared both loss of client information (31 per cent) and company downtime while the breach was fixed (31 per cent).
Many take a ‘pick and mix’ approach to security
Rather than a comprehensive approach to security, Hong Kong businesses have taken an erratic approach when it comes to protective measures. Antivirus and firewalls are the most popular security measures taken, but when asked about securing their data, just 17 per cent said they backed up off-site and 19 per cent used two-factor authentication. 30 per cent said they had anti-ransomware measures in place.
Most have a positive attitude towards cybersecurity, but threats lurk within: 82 per cent said they had a dedicated IT department or team and, encouragingly, over half (52 per cent) had increased spending to build better cyber defenses.
However, the biggest cybersecurity challenge cited was not from the outside but from employees’ lack of awareness about cybersecurity, according to 52 per cent of respondents.
Reporting the future
Three-quarters of respondents felt there was a need to make breach reporting to regulators mandatory, with 81 per cent saying this will help prevent cybercrime. Encouragingly, 38 per cent said they shared attack information with other companies in their industry.
"Unfortunately, Hong Kong businesses are experiencing an onslaught of sophisticated cyberattacks and have suffered financial loss,” says Sean Duca, vice president and regional chief security officer for Asia-Pacific at Palo Alto Networks.
“Every company is a target, irrespective of industry sector, because the vast majority of cyberattacks are designed to gain a financial reward. Organizations will be better placed to mitigate internal and external threats by adopting a prevention-minded approach to cybersecurity."