We're ill-equipped to detect cyber attacks, a third of S'pore outfits say

Posed photo of a man typing on a laptop.
Posed photo of a man typing on a laptop.PHOTO: BLOOMBERG

About a third of Singapore organisations do not believe their outfits are well-equipped enough to detect sophisticated cyber attacks, according to a recent survey released yesterday.

This is in line with the global figure, which stands at 36 per cent.

The annual survey, by financial services consulting firm EY, also found that a hefty 56 per cent of Singapore respondents think their IT security budgets should be boosted by up to 50 per cent to get their protection up to a satisfactory level.

Globally, the response came in higher at a staggering 69 per cent.

"Organisations are embracing the digital world with enthusiasm, but there must be a corresponding optical in addressing the increasingly sophisticated cyber threats," said Mr Paul O'Rourke, EY cyber security leader for Asia-Pacific.

"Businesses should not overlook or underestimate the potential risks of cyber breaches. Instead, they should develop a laser-like focus on cyber security and make the required investments."

The study polled some 1,750 organisations across all major industries from 67 countries, including 35 from Singapore.

EY did not disclose the names of the companies and govern-ment agencies involved.

It showed that about 44 per cent of Singapore organisations did not have a dedicated security operations centre that manages its security issues, including those related to cyber security.

This was only slightly lower than the global response of 47 per cent.

Hacktivists came up as the top source of cyber attacks for organisations here, at 74 per cent, followed by cyber criminals (62 per cent) and employees (41 per cent).

Accordingly, Singapore respondents said they see "unaware employees" - namely those unaware of the implications of their actions especially in the digital world - as the biggest risk, followed by malware.

Mr O'Rourke noted that organisations should ideally allocate 5 per cent to 7 per cent of their total IT budget - or up to 10 per cent, for those in highly regulated industries - to improve their information security processes.

"(Companies) will have to work out what their critical business assets are and make sure those assets receive protection."

He added: "The only way to make the digital world fully operational and sustainable is to enable organisations to protect themselves and their clients and to create trust in their brand."

A version of this article appeared in the print edition of The Straits Times on December 01, 2015, with the headline 'We're ill-equipped to detect cyber attacks, a third of S'pore outfits say'. Print Edition | Subscribe