Top management in the region lacks cyber security awareness, Sophos survey reveals
The shortage of cybersecurity professionals along with a lack of awareness at the top level is a key threat to the cyber security of organisations based in Asia Pacific & Japan. This revelation was made public by Sophos, the global cybersecurity solutions provider, recently through their survey report titled, The Future of Cybersecurity in the Asia Pacific and Japan.
Conducted in collaboration with Tech Research Asia (TRA), the study reveals a lack of boardroom awareness of cybersecurity and a broad assumption from executives that their company will never get attacked, despite rising ransomware incidences, impact and cost.
Despite cybersecurity expenditure and self-assessed maturity increasing in the Asia Pacific and Japan (APJ) organisations over the past 12 months, only 40 per cent of companies surveyed believe their board truly understands cybersecurity. Sixty per cent of respondents also believe cybersecurity vendors do not provide them with the information they need to help educate executives, and 88 per cent of companies agree their biggest security challenge in the next 24 months will be the awareness and education of employees and leadership.
The top two attack vectors of concern for APJ organisations are directly addressable by ongoing education and awareness campaigns: phishing or whaling attacks, and weak or compromised employee credentials.
The skills shortage continues to be a key focus area in organisations across the region. Seventy-three per cent of firms surveyed expect to have some problems with recruiting cybersecurity employees over the coming 24 months; 26 per cent expect to face a major challenge.
Comments