According to a recent study conducted by an IT company through third-party researchers, firms in the Philippines are not able to address nearly half of the legitimate cybersecurity threats that they receive.
As reported, the Cisco 2018 Asia Pacific Security Capabilities Benchmark Study showed that companies in the region receive six threats every minute but only 50% of these are being investigated.
More than 2,000 respondents across 11 countries participated in the study. The 11 countries are China, Korea, Japan, Singapore, Thailand, Malaysia, Vietnam, Philippines, Indonesia, Australia, and India.
For the Philippines, there were 150 respondents from the financial services, telecommunications, retail, and software industries all classified as medium and large enterprises.
42% of the Philippine respondents, according to the study, received 5,000 alerts per day, still among the lowest share in the Southeast Asian countries.
The results are lower because as compared to Singapore, the country is not as digitised yet.
Second cause would be the Data Privacy Act that has recently been implemented, which created a lot of awareness and education.
While the number of attacks is less compared to the other five Southeast Asian countries, the fact cannot be discounted that it may be less in volume but the attacks could be bigger.
On average, however, local firms only investigate 50% of the alerts they receive. Of those investigated, 30% turn out to be legitimate, of which only 51% are acted upon and corrected.
Information technology infrastructures are not the only areas where attacks were observed. Operational infrastructures such as data centre, cloud services and endpoints were also on the receiving end.
About 19% of the respondents said they encountered such attacks on their operational infrastructure, and more than a quarter expect these in the coming year.
The threat is really becoming bigger. The new kind of security discussion or conversation is happening globally. The security has gone beyond borders because of this.
Cybersecurity has become an industry. The cyber-hacking industry is massive globally and that is precisely why there are a lot of actors coming about in many parts of the world.
The reason would be the amount of data that is available today and how these data have become a source of revenue and income.
Moreover, the study showed that companies in the country had the largest percentage in terms of allotting budget both for information technology and security.
The Philippines had the largest percentage of companies, at 37%, whose security budget is completely separate from the IT budget.
That is one of the reasons why the Philippines may actually be doing much better in terms of ranking.
Earlier this year, the company said in a study that the Philippines needs to spend US$ 8.8 billion between 2018 and 2025 to be in line with the average benchmark and US$ 22.8 billion to be in line with “global best-in-class countries” within the same period.
60% of the respondents, in the region, said cybersecurity attacks cost them more than US$ 500,000, while 51% of cyberattacks resulted in losses of more than US$ 1 million.
These costs include lost revenue, lost customers, lost opportunities and out-of-pocket costs, among others.
With multiple security providers coming and companies engaging different providers, identifying and managing threats take longer.
The study said 97% of respondents in the Asia Pacific are having a hard time managing the multiple alerts they receive from these vendors.
