Investment in cyber security measures increased as nine in ten IT decision makers plan to spend on cyber security in 2024
Singaporean organisations are ramping up their spending in cybersecurity according to new research from KnowBe4 reporting investment in cyber security measures is rising, with close to nine in ten (87%) of respondents expressing their intention to invest in, or allocate funds toward cybersecurity in 2024. This marks a significant uptick from 72% reported the previous year in 2022.
Despite the increased investments, the research uncovers concerning trends in cybersecurity awareness and preparedness among Singaporean organisations. More than half (51% - up from 45% in 2022) Singaporean IT decision makers say they are concerned about phishing, perceiving it as a significant risk to their organisations, and almost 40% are concerned with BEC (Business Email Compromise) (38% up from 30% in 2022 and down from 40% in 2021).
Alarmingly, less than half (45% - down from 47% in 2022 and 54% in 2021) of Singaporean IT decision makers believe the employees in their organisations understand the business impact of their businesses falling victim to a cyber-attack, and worryingly only two in five (38%) are confident their employees can identify phishing and BEC emails (37% in 2022 and 43% in 2021) and (40%) of employees report all emails they believe to be suspicious (41% in 2022 and 40% in 2021).
David Bochsler, VP of sales for APAC at KnowBe4: “As one of the most interconnected countries in the world, Singapore is a prominent target for cyber-attacks and cyber-crime. The planned increase in cyber spend demonstrates that protecting organisations remains a high priority for Singaporean IT professionals. As the nation accelerates it’s digitisation efforts, there is a heightened sense of urgency to shield organisations from evolving cyber threats.”
Cybersecurity awareness training the most popular investment
Of those who are planning on spending money towards cybersecurity in 2024, the most popular area of investment is to spend funds on a cybersecurity awareness training program with ongoing and relevant content (64% - up from 56% in 2022 and 65% in 2021), followed by new cybersecurity software solutions (61% - up from 54% in 2022 and 57% in 2021), and employee policy changes related to cybersecurity (55% - same as in 2022, and 47% in 2021).
Other areas of investment include cybersecurity insurance (50% - up from 36% in 2022 and 55% in 2021), simulated phishing and social engineering for end users (49% - up from 42% in 2022 and 44% in 2021), and further investment in infrastructure (45% - up from 40% in 2022 and 55% in 2021).
"With an emphasis on spending cybersecurity funds on security awareness training, it is clear that employees’ behaviour is a major concern when it comes to cybersecurity risk. There is no one-stop solution for cyber protection. Rather, organizations should focus their efforts on ultimately creating a strong security culture,” said Bochsler.
Singaporean organisations unprepared for data breaches
Also a cause for concern, only two in five (42% - up from 37% in 2022 and down from 51% in 2021) of IT decision makers say they are confident they would know the steps they would need to take following a cyber incident or data breach in their organisation.
“Unfortunately, the prevalence of breaches has continued to increase and preparing employees to be the last line of defence for an organization is a critical component of a strong cybersecurity programme,” warns Bochsler. “It is key for organisations throughout Singapore to adopt a holistic approach that includes building a resilient human firewall through effective training and awareness programmes.”
For more information on KnowBe4, visit www.knowbe4.com.
Research methodology:
This study was conducted online between the 4th – 10th January 2024. The sample comprised of 202 Singaporean IT decision makers across industries. YouGov designed the questionnaire. The data is unweighted.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 65,000 organisations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organisations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. The late Kevin Mitnick, who was an internationally recognised cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Organisations rely on KnowBe4 to mobilise their end users as their last line of defence and trust the KnowBe4 platform to strengthen their security culture and reduce human risk.