Despite facing high potential cost to their business, Malaysian companies are not addressing at least 60% (3,000) of the 5,000 cyber threat alerts they received daily, according to the Cisco 2018 Asia Pacific Security Capabilities Benchmark Study.
Beyond that, those who faced breaches in the past twelve months have stated losses ranging from USD$500,000 (RM2.078 million) to USD$10 million (RM41.6 million) or more from such attacks. This includes costs from loss of revenue, loss of customers, and out of pocket expenses.
Consequently, 84% of respondents revealed that their company has suffered a breach in the past year, alone, highlighting the scale of the challenge companies faced in tackling the rapidly evolving cyber threat landscape.
According to Albert Chai, Managing Director of Cisco Malaysia, “The lack of focus by Malaysian companies in addressing threat alerts is a cause for concern, particularly in the wake of the recent slew of ransomware attacks. Given that digital innovation and adoption have been a key theme in Malaysia in the past decade, the ability to tackle these risks is crucial in ensuring the long-term success of Malaysia’s digital economy.”
However, it is not all bad news for Malaysia as the study also revealed that local companies are faring better than their regional counterparts in prioritising personnel training in the aftermath of a breach.
59% of Malaysian companies place this as a priority as compared to 54% in Korea, 46% in Singapore and 33% in Japan.
This sentiment is echoed Victor Lo, Head of Cybersecurity who believe that more than employing the most cutting-edge technology and solutions, equipping people with the right skills and capabilities is paramount in building a robust cybersecurity posture.
“The best form of security to combat the high volume of attacks is still ‘human’ security. We recognise that only the industry can train the industry. Thus, we have been working very closely with organisations such as Cisco to train the next generation of cybersecurity professionals here in Malaysia,” Victor added.
Given the growing scale of cyber threats, respondents say they expect scrutiny of their security policies to increase over the next one year. This is especially as customers and stakeholders are keen to ensure that their data is protected.
Joshua McCloud, National Cybersecurity Officer, Security & Trust Organisation at Cisco called on organisations to consider cybersecurity from an enterprise risk management perspective.
“Improving security preparedness starts at the top of the boardroom level, and executives need to see cybersecurity as a serious and legitimate threat to the business. This coupled with the right approach in communicating cybersecurity threats by experts will help to significantly improve organisations’ cybersecurity posture,” Joshua concluded.