Singapore Spends Big on Security, But Employees Are Still Clueless
- By CDOTrends editors
- March 04, 2024
This year, Singaporean companies are taking decisive steps to bolster their defenses. A recent study by KnowBe4 has revealed a marked increase in cybersecurity spending among Singaporean IT decision-makers, with a notable 87% planning to allocate funds for cybersecurity measures in 2024, a significant rise from 72% in 2022.
The investment surge comes against a backdrop of growing concerns over cybersecurity threats. Over half of the IT decision-makers in Singapore (51%) expressed heightened worries about phishing attacks, an increase from 45% in 2022. Meanwhile, concerns over Business Email Compromise (BEC) remain high, with 40% of respondents flagging it as a critical issue.
Despite the increased spending, these companies have an apparent gap in cybersecurity awareness and preparedness. Less than half of the IT decision-makers believe that their employees fully grasp the business impact of cyber-attacks. Furthermore, confidence in employees' ability to identify phishing and BEC emails remains relatively low, emphasizing the need for more robust training and awareness programs.
“As one of the most interconnected countries in the world, Singapore is a prominent target for cyber-attacks and cyber-crime," stated David Bochsler, vice president of sales APAC at KnowBe4. “The planned increase in cyber spend demonstrates that protecting companies remains a high priority for Singaporean IT professionals. As the nation accelerates its digitization efforts, there is a heightened sense of urgency to shield companies from evolving cyber threats.”
The study highlights a shift in investment priorities, with 64% of respondents indicating plans to fund cybersecurity awareness training programs. This preference for training programs underscores the industry's recognition that employee behavior is critical to cybersecurity risk management.
"There is no one-stop solution for cyber protection. Rather, companies should focus their efforts on ultimately creating a strong security culture," Bochsler added, emphasizing the importance of a holistic approach that includes building a resilient human firewall through effective training and awareness programs.
Only 42% of IT decision-makers are confident in their knowledge of the steps to take following a cyber incident or data breach, a slight improvement from 37% in 2022 but a decrease from 51% in 2021. This indicates a critical need for enhanced breach response planning and employee training.
"Preparing employees to be the last line of defense for an organization is a critical component of a strong cybersecurity program," warned Bochsler.
Image credit: iStockphoto/kimberrywood