Singaporean organisations are ramping up their spending in cybersecurity according to new research from KnowBe4 reporting investment in cybersecurity measures is rising, with close to nine in ten (87%) respondents expressing their intention to invest in or allocate funds toward cybersecurity in 2024. This marks a significant uptick from 72% reported the previous year in 2022.
Despite the increased investments, the research uncovers concerning trends in cybersecurity awareness and preparedness among Singaporean organisations. More than half (51% – up from 45% in 2022) Singaporean IT decision makers say they are concerned about phishing, perceiving it as a significant risk to their organisations, and almost 40% are concerned with BEC (Business Email Compromise) (38% up from 30% in 2022 and down from 40% in 2021).
Alarmingly, less than half (45% – down from 47% in 2022 and 54% in 2021) of Singaporean IT decision makers believe the employees in their organisations understand the business impact of their businesses falling victim to a cyber-attack, and worryingly only two in five (38%) are confident their employees can identify phishing and BEC emails (37% in 2022 and 43% in 2021) and (40%) of employees report all emails they believe to be suspicious (41% in 2022 and 40% in 2021).
David Bochsler, VP of sales APAC at KnowBe4: “As one of the most interconnected countries in the world, Singapore is a prominent target for cyber-attacks and cyber-crime. The planned increase in cyber spend demonstrates that protecting organisations remains a high priority for Singaporean IT professionals. As the nation accelerates it’s digitisation efforts, there is a heightened sense of urgency to shield organisations from evolving cyber threats.”
Cybersecurity awareness training the most popular investment
Of those who are planning on spending money towards cybersecurity in 2024, the most popular area of investment is to spend funds on a cybersecurity awareness training program with ongoing and relevant content (64% – up from 56% in 2022 and 65% in 2021), followed by new cybersecurity software solutions (61% – up from 54% in 2022 and 57% in 2021), and employee policy changes related to cybersecurity (55% – same as in 2022, and 47% in 2021).
Other areas of investment include cybersecurity insurance (50% – up from 36% in 2022 and 55% in 2021), simulated phishing and social engineering for end users (49% – up from 42% in 2022 and 44% in 2021), and further investment in infrastructure (45% – up from 40% in 2022 and 55% in 2021).
“With an emphasis on spending cybersecurity funds on security awareness training, it is clear that employees’ behaviour is a major concern when it comes to cybersecurity risk. There is no one-stop solution for cyber protection. Rather, organizations should focus their efforts on ultimately creating a strong security culture,” said Bochsler.
Singaporean organisations unprepared for data breaches
Also a cause for concern, only two in five (42% – up from 37% in 2022 and down from 51% in 2021) of IT decision makers say they are confident they would know the steps they would need to take following a cyber incident or data breach in their organisation.
“Unfortunately, the prevalence of breaches has continued to increase and preparing employees to be the last line of defence for an organisation is a critical component of a strong cybersecurity programme,” warns Bochsler. “It is key for organisations throughout Singapore to adopt a holistic approach that includes building a resilient human firewall through effective training and awareness programmes.”