Cybersecurity in Asia, protecting networks and systems from digital attacks, is now becoming one of industries’ most significant tech issues. ThriveDX’s study revealed that the use of cybersecurity awareness programmes in all industries saw an increase in 2021, and approximately 97 percent of the surveyed companies are adopting cybersecurity practices to protect their systems.
Asia is no different. Governments in Asia are trying to draw more investments into computer security and prepare to increase their capacity.
Followed by the soaring demand, the number of cyberattacks against Asian enterprises and organisations also has increased over the past few years.
4i Magazine illustrates the current location of Asia’s cybersecurity and its future directions through key numbers.
Fastest Growing Cybersecurity Market
Future Market Insights‘ recent report says that the global market size of the cybersecurity industry will grow from $20 billion this year to $43 billion in 2032. The report noted that Asia shows the fastest increase out of all studied regions, spearheaded by China, India, and Japan.
According to the report, China’s industrial cybersecurity market will reach $3.2 billion, $2.6 billion in India, and $2 billion in Japan in the next ten years. The estimates of compound annual growth rates of these regions were higher than that of the United States and the United Kingdom — China’s will be 9.1 percent, India’s will be 9.3 percent, and Japan’s will be 9.2 percent. In comparison, the rates of the U.S. and the U.K. will remain around 7 percent until 2032, the study predicted.
The overall spending on cybersecurity has marked an uptick since last year. Spending on security solutions, including cyber security, will mark over the $31 billion threshold by the end of this year in Asia Pacific countries — excluding Japan — according to International Data Corporation’s report. The report noted that this is over a 15 percent increase from the 2021 number. The cybersecurity products and services market will also grow to $57 billion in Asia in 2026.
Another survey predicts that Asian enterprises will allocate 11 percent of their technology-related budget to cybersecurity, about a 2.5 percent increase compared to the last year. One of the key cybersecurity defence programmes surveyed companies invested in was threat hunting, identifying cyber threats lurking in their systems and networks to minimize their impact.
The Biggest Number of Cyberattacks
One reason that explains Asia’s increasing investment in cybersecurity is the rise in cyberattacks.
Earlier this year, IBM reported that Asia was the most targeted region for cyberattacks in 2021, taking on almost 25 percent of worldwide cyberattacks. Among the countries that received the most attacks were Australia, India, and Japan, and common forms of attacks included ransomware or network infiltration, according to the company. Organizations from the finance and manufacturing industries accounted for approximately 60 percent of cyberattacks.
A study from Check Point Blog also reveals that the number of cyberattacks in the Asia Pacific increased by 168 percent in 2021 compared to May 2020. Notably, the number jumped by 53 percentage points from April to May 2021. The study added that Japan accounts for almost 40 percent of cyberattacks in the Asia Pacific. The biggest cyber risk in this country was ransomware, the study said by quoting IPA data.
The occurrence of the Russia-Ukraine war is one of the other reasons. Experts say that the war made Asian governments and organizations realize the necessity of cyber-defence, ensuring data privacy, and effectively managing threats.
“The recent spate of cyberattacks preceding the Russia-Ukraine war has made the regional organizations take notice and invest in tools to plug existing gaps,” Vinay Gupta, Research Director of IT Spending Guides at IDC Asia/Pacific, said. “These investments must not be knee-jerk reactive purchases, rather should be planned as long-term strategic investments.”
COVID-19 and Digital Transformation
Digitalisation across industries also partly explains the increase in spending on cybersecurity. Enterprises and governments have been developing digital transformation programmes to use cloud-based systems, especially since the spread of COVID-19. The surge in digitalisation investments is connected to increased demand for cybersecurity services to keep their cloud-based systems safe.
Singaporean and Malaysian companies are some examples that are transitioning to digitalised workplaces, and cybersecurity service providers are also showing more efforts to meet the increased demand.
“The cloud trend in Singapore and Malaysia is changing cybersecurity needs,” ISG Provider Lens Research’s leader Jan Erik Aase said. “Providers of all sizes are stepping up by expanding their service offerings and packaging them as platforms,” he added.
The demand for effective cybersecurity services and management may grow bigger in the following years. According to Marsh’s report that studied risks and behaviours of Asian companies in cybersecurity, their surveyed respondents cited cybersecurity and data privacy as their “top-risk” in 2022. While half of the respondents said that their company is implementing effective cybersecurity policies, 45 percent of the respondents pointed out that the biggest challenge in their cybersecurity management is the “lack of skilled resources to understand and address risks.”
According to recent statistics, government spending on stringent cybersecurity management will also remain on the rise.
IDC reports that China, the largest cybersecurity market in Asia, takes on over 40 percent of total security spending in Asia in 2022. Telecommunications and state or local government are the two biggest drives in the Chinese security market, accounting for one-third of total spending in 2022. Australia and India follow China’s numbers, and the total spending of the two countries is 25 percent of worldwide security spending in 2022, IDC adds.
Different Concerns, Different Focuses – Cybersecurity in Asia
Despite millions of dollars invested in the industry, security leaders in Asia think there is room for improvement. Their cybersecurity concerns are different from global companies, too.
The Asian edition of “The State of Cyber Resilience” report, a joint study by Microsoft and Marsh, found that about 70 percent of their surveyed respondents said they are confident with their company’s cybersecurity resilience, but 48 percent replied that there is scope for improvement.
Almost one-third of the respondents said they had experienced security breaches at least once during the study period, while only 18 percent of their global peers experienced them. Asian companies suggested privacy breaches or data loss as their biggest concerns, and companies globally pointed out ransomware as the top cybersecurity concern. Only 58 percent of Asian companies thought ransomware was one of their top concerns.
Asian enterprises also implement more “passive” cybersecurity responses to attacks. For example, almost 34 percent of surveyed organizations did not have endpoint detection and response, which are essential in detecting the sources of cyberattacks. What’s worse, one in three Asian companies considers a new cybersecurity technology when there is a cyberattack or related incident. Twenty-six percent of the companies have not made any improvements to their existing cybersecurity technologies in the past 12 months, compared to 9 percent globally.
The report points out that Asian companies should revisit their cybersecurity strategies, noting that their passive approaches may have led them to a “miscalculated stance.”
“It is worrying to see that 1 in 3 organizations in Asia does not have endpoint detection and this would place those organizations’ potential insurability on the line. More than ever before, organizations need to place more emphasis on controls to help mitigate their cyberrisks,” said Faizal Janif, head of Asia Pacific cybersecurity advisory services at Marsh