Nearly half (47 percent) of companies in the Asia Pacific region cited employees' lack of awareness as their biggest cybersecurity challenge, according to Palo Alto Networks' The State of Cybersecurity in Asia Pacific report.
Out of the 500 businesss professionals across the region polled, 67 percent of them said internal threats, such as employees downloading unauthorised software, are somewhat or extremely likely to pose a cybersecurity risk to their organisation.
The lack of awareness may be due to the fact that most organisations are taking the reactive approach instead of proactive approach to cybersecurity. More than half (58 percent) of the respondents admitted that detecting and responding to cyberthreats are considered more important than prevention in their organisation.
In addition, 1 in 2 organisations stick to annual reviews of cybersecurity policies and standard operating procedures. Given the rapid evolution of cyberthreats, Palo Alto Networks advised companies to provide employees up-to-date cybersecurity training more than once a year to prevent and mitigate cyberattacks.
"Every company is a target, irrespective of industry sector, because the vast majority of cyberattacks are designed to gain a financial reward. Organisations will be better placed to mitigate internal and external threats by adopting a prevention-minded approach to cybersecurity," said Sean Duca, vice president and regional chief security officer for Asia-Pacific at Palo Alto Networks.
The study also found that 46 percent of the respondents are unable to keep up with available security solutions. As such, even though 74 percent of Asia Pacific organisations are allocating 5 to 15 percent of their IT budget to cybersecurity, they are take an erratic approach to cybersecurity. While antivirus solutions (69 percent) and firewalls (67 percent) are predominantly used, newer solutions such as two-factor authentication (27 percent) and biometrics (22 percent) saw low adoption rates.
Sign up for CIO Asia eNewsletters.