We are creating some awesome events for you. Kindly bear with us.

HKPC Releases Cyber Security Readiness Index Findings

Image Credits: HKPC, Press Release

The Hong Kong Productivity Council (HKPC) released the results of the HKT Hong Kong Enterprise Cyber Security Readiness Index 2022. The Overall Index rose for the second successive year and surpassed 50 for the first time since the Index began in 2018 to 53.3 (maximum being 100), up 3.7 from last year. SMEs led the surge again, rising from 3.1 to 50.7. The Overall Index consists of four areas: Policy and Risk Assessment, Technology Control, Process Control, and Human Awareness Building.

In 2022, Process Control performed the best at 73.1 following a surge of 14.4 due to improvements being observed in both privileged access management and data backup management. However, Human Awareness Building remained an area of concern with a drop of 2.5 to 25.1.

By sector, Financial Services (65.7) continued to be the most vigilant at the Managed level, joined by Information and Communication Technology (61.1) which posted the highest increase of 8.9. Manufacturing, Trading and Logistics (57.5) also went up by 8.5.

The survey also found that nearly two-thirds (65%) of the enterprises surveyed have encountered cyber security attacks in the past 12 months, up 24 percentage points from last year. Phishing attacks were the most common type of cybersecurity attack being encountered by nearly all enterprises (94%); a significant uplift of 12 percentage points compared with last year. Email phishing (83%), particularly, was the most frequently used ploy with vishing (voice phishing) (32%) and spear phishing (28%) emerging.

This year, the survey continued to explore the opinions and deployments of the surveyed enterprises on managed security services (MSS) as well as their plans to enhance cyber security. It found that nearly half (49%) of enterprises surveyed have subscribed to MSS.

Concurrently, 31% of those not using MSS currently and planning to enhance cyber security said they would consider using the service in the next 12 months. Moreover, 48% of enterprises surveyed said a lack of IT support and management staff is their biggest challenge in cyber security management, up 3 percentage points compared with last year.

Moreover, the top three most important cyber security services selected by surveyed enterprises included firewalls/internet (62%), emails (56%) and solutions on remote access (50%), of which solutions on remote access were up 6 percentage points from last year, indicating higher demand due to the pandemic and the increased adoption of flexi-work location policy.

Among those enterprises with plans to enhance their cyber security, 69% of them plan to enhance cyber security in remote access management solutions, up 16 percentage points compared with last year, reflecting that enterprises deem the provision of a secure environment in a hybrid workplace to be critically important. In addition, 57% of those enterprises with plans to enhance their cyber security would strengthen cyber security training, surging by 11 percentage points compared with 2021.

The General Manager, Digital Transformation of HKPC stated that the Overall Index continued to rise, indicating that enterprises are attaching more importance to cyber security and investing more resources in it which is encouraging. However, he noted that staff security awareness remains the most difficult area to improve. This may be related to the continuous need to strengthen their security awareness as cyber-attacks increase in variety, volume and complexity, especially phishing attacks.

Therefore, enterprises must regularly conduct cyber security training and update the content to increase staff participation in the cyber security planning of the companies and improve their cyber security behaviours and awareness.

To help with this, the HKPC provides both relevant training courses and organises various activities as well as phishing drill services for enterprises to enhance employees’ ability to prevent and respond to such attacks. To enhance cyber security readiness to the Managed level, Hong Kong companies must formulate a comprehensive cyber security plan, allocate appropriate resources and implement it effectively.

Meanwhile, the Head of Commercial Solutions and Marketing, Commercial Group, HKT stated that recently, enterprises have been proactively seeking to drive digital transformation, the pace of which has been further accelerated as more companies implemented hybrid and remote work arrangements during the pandemic.

As cyber-attacks grow continuously more complex, enterprises must ramp up their cyber security strategies and execution. Faced with a shortage of relevant local talent, there has been an increased demand for managed cybersecurity services.

A wide array of managed cybersecurity service providers are currently available on the market. When choosing an appropriate partner, enterprises must consider whether the service provider possesses all-around accreditation and is capable of comprehensive support, including ISO 27001 and the top professional cyber security accreditations.

It is also important for the service provider to offer 24/7 monitoring and assistance across all geographic regions and time zones and has access to intelligence and information on the latest developments of global cyber security threats. On top of catering for large corporations, SME-targeted solutions offer greater agility in terms of operation and budget planning, which may prove more suitable for their needs.

In terms of cyber security support, local enterprises can browse HKPC’s Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) website to conduct the Check Your Cyber Security Readiness online self-assessment and download the recently published Incident Response Guideline for SMEs.

In addition, the HKPC’s cyber security consultants also provide SMEs with cyber security and privacy assessments, as well as vulnerability scanning and penetration testing services.

Conducted independently by HKPC, supported by HKCERT and sponsored by HKT, the survey assesses the readiness of Hong Kong enterprises in tackling current cyber threats. In the survey, telephone interviews with 367 enterprises covering six industry categories were conducted in September 2022.


Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.


CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.


Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.


SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.


HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 


IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend