Philippine business, among Southeast Asia, are the most confident and proactive in dealing with cybersecurity issues according to recent research conducted by global cybersecurity provider Palo Alto Network.
The research survey was conducted among 400 respondents from a diverse range of industries and sizes from four key ASEAN nations: Thailand, Indonesia, Philippines, and Singapore. The survey was conducted online last February, prior to commencement of strict widespread social distancing measures.
According to the Palo Alto Network research, about 54% or one in two companies in the country have increased their cybersecurity budget compared in 2019, with about half (43%) alloting a majority of its IT budgets to cybersecurity. This spending, Palo Alto Network notes, is attributed to the need to upgrade existing security framework to automate technologies (67%), a growing volume of cyberthreats (63%), and the result of cyber risk assessment (57%).
“It’s encouraging to see that Philippine companies are consistent in giving due importance and attention to cybersecurity. This underscores businesses’ growing awareness of the importance of preventing successful cyberattacks that have the potential to disrupt businesses, as we’ve seen in recent years,” said Oscar Visaya, country manager for the Philippines, Palo Alto Networks.
“However, in light of the COVID-19 pandemic, businesses will now need to navigate the newfound risks brought about by remote work and other COVID-19 themed threats. This will require a relook at cybersecurity existing strategies and investments,” Visaya added.
Alongside popular solutions such as anti-malware and anti-virus tools (86%) as well as next-generation firewalls (59%), almost half of the respondents (47%) said their companies have begun investing in cloud-native security. According to the Asia Cloud Computing Association’s 2018 Cloud Readiness Index, the Philippines ranked ninth in terms of cloud adoption in the Asia-Pacific region.
Emerging solutions such as software-defined wide-area network security (42%) have also become popular as more companies across the Philippines connect offices and staff to cloud infrastructure.
However, this is a double-edged sword as more than half of the company respondents believe that the most glaring obstacle is employees’ lack of awareness on cybersecurity (58%), thus making an organization more vulnerable to internal cyberthreats. Other cybersecurity challenges noted in the survey were: risks from third-party service providers and suppliers (45%), and IT departments having other priorities on which to focus (33%).
The report also noted that Philippine companies are the most proactive and frequent in reviewing cybersecurity standing operating procedures (SOPs), particularly companies in the finance, transport, and public sectors. The Palo Alto Networks survey observes that 98% of Philippine companies claimed to have updated their cybersecurity policies and SOPs at least once a year.
Philippine companies are also the most mindful about transparency when it comes to cyberthreats, with 98% supporting mandatory reporting of data breaches to authorities in compliance with guidelines by the National Privacy Commission (NPC).
The country also led its ASEAN neighbors in maintaining and overseeing cybersecurity in company workstations. 83% of companies surveyed said they check their computers monthly to ensure data protection software is up to date.
Likewise, the Philippines have the most organizations (93%) that clearly communicate their cybersecurity SOPs with their employees. With this, less than half (45%) of the Philippine respondents believe that their company is susceptible to cyberattack, in line with the high scores for confidence.
Despite the high level of confidence, almost a third of the companies in the Philippines (29%) still regard their organization’s cyberthreat risk level as “high” and “very high”, with 49% claiming that monetary damage worsened last year compared to 2018. Besides the monetary damages, companies regard the loss of internal data (38%) such as employee information and intellectual property, and external data (24%) such as customer transactions, as the biggest worries during a cyberattack.
“Philippine companies are being confronted by new cyber risks and perennial threats, which leave cybersecurity teams and the broader workforce with little choice but to adapt. The race is now on for businesses to leverage new tools such as automation and machine learning to close the gap as fast they can, and secure both an ever-expanding network and a growing number of connected devices,” added Visaya.