Infoblox study finds Singapore companies are the slowest in reacting to security breaches

Infoblox study finds Singapore companies are the slowest in reacting to security breaches

An Infoblox study of 100 local companies found that despite being among the highest to be targeted by cyberattacks, Singapore businesses have the slowest times when it comes to responding to security breaches.

This was despite Singapore companies seeing higher rates of security incidents and breaches compared to other countries. A majority (65%) of Singapore respondents experienced six or more IT security incidents, compared to just 21% of global peers.

And unfortunately for these local companies, many of these cyberattacks (73%) resulted in a breach.

But that raised even more issues.

The study found that less than half (49%) of them were able to respond to a threat within 24 hours, compared to 70% of their global peers. A lack of threat intelligence capabilities due to poor network visibility (32%) and shortage of IT security skills (32%) was quoted as a contributing factor.

But Lise Feng, Director at Infoblox, said that the slow rate of response could be due to company protocols for what happens when a security incident comes to light. She added that investigations could be slowed down if a security incident goes undetected for a prolonged period, which would point to a need for better detection capabilities.

Among those that suffered a breach, respondents reported that the most likely culprits were a cloud infrastructure or application (45%), an IoT device or network (42%), or remote, employee-owned endpoint (32%).

Always the human factor

Despite numerous reminders and security briefings, Singapore employees were still falling prey to phishing attacks with phishing attacks accounted for 68% of breaches reported in the past 12 months in Singapore, followed by ransomware (59%) and APTs (57%).

According to Feng, these findings suggest Singaporean organisations are struggling more than their counterparts to secure remote work. “While there are no silver bullets in security, more proactive detection as described earlier, and remediation will help. That 69% expect their budgets to increase in 2022 spells an opportunity for organisations to invest in DDI and DNS security,” she added.

Alvin Rodrigues, Field Chief Security Officer, Asia Pacific, Infoblox said:

With Singapore’s high rate of security breaches and slow response rates, cloud-first networks and corresponding security controls have gone from nice-to-have features to business mainstays. To address the spike in cyberattacks, security teams are turning to DNS security and zero trust models like SASE for a more proactive approach to protecting corporate data and remote devices

And this falls in line with the direction of security spending Singapore companies have been making. A large majority of respondents (73%) in Singapore reported an increase in IT security budgets in 2021, and 69% expect their budgets to increase in 2022.

Spending and resources have been going towards cloud, data, and network protections. Popular purchase options for on-premises investments include DNS security (28%) and network security (26%). Data encryption (37%) and cloud access security brokers (36%) are the most popular cloud-based investments.