Nearly one in two (44%) Hong Kong businesses said they have experienced some kind of security attack in the past 12 months, with an equal number saying business had been interrupted at least once, according to new Telstra research.
The 2019 Telstra Security Report released today also found that the top three concerns over the impact of a security breach were; loss of productivity (54%), corrupted business data (49%) and loss of customers or loss of intellectual property (equally at 35%). A strong majority of businesses (63%) agree security impacts customer experience affecting customer confidence, brand loyalty and advocacy.
According to the report, global respondents expressed a common need to drive investments into security awareness and training programs. Yet, 42% of respondents said that security concerns are one of the main reasons they do not invest too quickly into new technologies for IT projects.
Human error a risk factor
According to the report, the most frequently experienced security incident was unintentional human error which is often caused by inadequate business processes and by employees not understanding their organisation’s security policies. Human error was cited as the highest risk to IT security by 91% of respondents, while 42% of respondents say external hacking, either for espionage, stealing intellectual property, hacktivism or for financial motivations, were also a major risk to IT security.
Detecting data breaches
The ability to detect and effectively respond to incidents in a timely manner is still the top challenge for all companies. In the APAC region, only 49% of respondents were confident in being able to detect data breaches within ‘minutes or hours’, down from 53% in the 2018 Telstra Security Report.
92% of Hong Kongbusinesses estimated that a proportion of incident alerts went unanswered, while 83% estimated that a proportion of data breaches went undetected.On a positive note, awareness and processes are in place to tackle security issues. 76% of businesses said they have tools that allow them to prioritise and interpret incoming threats, 85% said they have data loss prevention capabilities, and 93% said they follow standard processes for incident response.
While ransomware is still pervasive and profitable for cyber criminals, it is encouraging to note most potential victims have adopted policies and safeguards against such attacks. 72% of respondents said they experienced a ransomware attack at least once in the last 12 months, while 30% said they had experienced a ransomware attack every quarter.
88% of respondents said they were able to recover from the ransomware attacks within 24 hours, with 52% of companies choosing not to pay the ransom at all.
What the future holds for Hong Kong businesses
The report’s outlook illustrates that security will continue to be a key focus of business strategy in Hong Kong, with 63% of respondents saying their security budgets would increase in the next 12to 24 months.
There is also the much broader security landscape to consider when managing cyber and electronic security. The more devices that become connected, the broader the security footprint becomes, which brings with it the opportunity for new technologies to improve end-to-end visibility and to better manage security risks.
Telstra’s Security Report outlines general best practices for businesses to consider as part of its security strategy. They include having multi-layered defences, conducting constant architecture reviews, ensuring employees are aware and trained to improve security resilience and following Telstra’s guidance on the five things businesses should know to effectively help manage the business risk of cyber security.