Sophos reveals that despite cyberattacks increasing, cybersecurity budgets have remained stagnant
Sophos, the well-known provider of cybersecurity products & solutions, has announced the findings of the second edition of its survey report – The Future of Cybersecurity in Asia Pacific and Japan – which reveal that despite cyberattacks increasing, cybersecurity budgets have remained stagnant and executive teams continue to underestimate the level of damage threats can do to organisations. The Sophos report came out in collaboration with Tech Research Asia (TRA).
The report says that in India, despite having the highest percentage of companies with an independent security budget, over 52 per cent of organisations concede that they fell victim to a successful cybersecurity attack in the last 12 months. Of these successful breaches, 71 per cent of organisations admitted it was a serious or very serious attack, and 65 per cent said it took longer than a week to remediate.
“Cyberbreaches are a reality that we cannot afford to ignore. Within an organisation, there will always be multiple threats that can exploit various vulnerabilities and launch full blown cyberattacks. The only way to stop these threats is to actively hunt for them and neutralize them. This makes threat hunting an important function to mitigate the damage caused by cyberattacks. Hence, there is a strong need for increased cybersecurity budgets to include threat hunting in house or outsourced services like managed detection and response (MDR). Our findings show there is budget allocated for cybersecurity in India, but it isn’t enough. Indian organisations need to view cybersecurity as a value to the business and increase their budgets accordingly”, said Sunil Sharma, Managing Director, Sales, Sophos India & SAARC.
While attacks are increasing in frequency and severity, cybersecurity budgets remained largely unchanged as a percentage of revenue between 2019 and 2021. At the same time, India reported the highest percentage of companies that have an independent security budget. Furthermore, they expect a rise in the median percentage of technology budgets spent on cybersecurity from 9 percent today to 10 percent in the next 24 months.
“Ultimately, security is about right sizing the risk. If the risk increases, budgets should also increase, but in this climate of uncertainty, we’ve seen organisations take a conservative approach to security spending, which is impacting their ability to stay ahead of cybercriminals”, said Trevor Clarke, lead analyst and director at Tech Research Asia.
Overall, 44 per cent of Asia-Pacific and Japan (APJ) organisations surveyed suffered a data breach in 2020, up from 32 per cent in 2019. Of these successful breaches, 55 per cent of companies rated the loss of data as either ‘very serious’ (24 per cent) or ‘serious’ (31 per cent). Seventeen per cent of organisations surveyed suffered at least 50 attacks, per week.
Qaisar
