Cybersecurity company Sophos has released its Cybersecurity Playbook for Partners in Asia Pacific and Japan in collaboration with Tech Research Asia. The report found the demand for managed service partners remains strong as AI-augmented cyberattacks remain a top concern for organisations across Asia Pacific and Japan.
The report also found that AI-augmented cyberattacks are considered the most worrying cyber threats for organisations in all markets except Australia (ranking third behind credential theft and phishing/social engineering).
“The ongoing prevalence of cyber threats has forced organisations to address a variety of their cybersecurity measures,” said Sophos’s Cameron Reid. “The report found that the top three areas of importance for businesses are strengthening cybersecurity posture around financial operations, improving risk management capabilities, and ensuring cybersecurity is robust enough to support digital transformation programs.”
“Evidently, when businesses invest in new technologies, it is front of mind that this is done in a secure manner to ensure potential attack surfaces are protected.”
According to the report, less than three-in-ten (28%) of Australian organisations surveyed believe they have the skills to deal with AI threats, and just one-in-ten (10%) believe they have a comprehensive AI and automation strategy.
To combat these AI skills shortages, 45% of organisations across the Asia Pacific region are looking to outsource to partners to support them, and 49% intend to train and develop in-house skills with the assistance of partner-supported training and education.
In the next 12 months, 83% of Australian organisations expect to have their cybersecurity budget increase, and 50% of organisations in the Asia Pacific region intend to invest more into third-party managed security services to consolidate and manage tech stacks, enhance security capabilities, and alleviate in-house pressures.
The top product and solution areas attracting increased budgets are:
- Infrastructure and network security (62% are increasing budgets);
- Threat detection and response (61%);
- Application and security (56%);
- Identity access management (53%); and
- Incident response and recovery (50%).
In terms of vendor environments, only 20% of surveyed organisations use just one vendor for their cybersecurity needs, with one in three (33%) using three or more. Multi-vendor environments will increase in the next 12 months as organisations move towards flexible and tailored commercial constructs from partners.
Additionally, Australian organisations are looking for partners with strong security skills. More than two-thirds (68%) of Australian organisations surveyed said they are unlikely to engage a partner that had been breached or suffered a security incident themselves. Of the companies that will still engage a breached partner, 60% will include extra performance clauses and specific service level agreements.
“Since adversarial behaviours are always evolving, it is essential that organisations get the support they need to address all aspects of cybersecurity and continue to consistently evaluate and maintain strong defences against the latest cyberattacks,” added Reid. “The research shows companies understand they need help building ongoing cyber resiliency and are looking to partners fill their in-house gaps. This means MSPs have an opportunity to win and maintain business by presenting their strong technical cybersecurity skills, knowledge of the threat landscape, and an ability to help customers and prospects stay secure so they can focus on their business operations and goals.
You can read the full report here.