Despite being a "hotspot" for cyberattacks, only one-third of Asian businesses are capable of responding effectively.

The Asia- Pacific region is currently a hotspot for cyberattacks globally. (Image created by AI)

The New Straits Times (Malaysia), citing the annual report of Commvault – a company specializing in data resilience – stated that the gap between the perceived level of preparedness and the actual resilience of businesses in Asia is worrying.

According to a survey conducted by Tech Research Asia (TRA), a technology research and consulting firm, the majority of business leaders believe they are adequately equipped to respond to cyber incidents. However, when testing their response plans, only one-third of the surveyed organizations responded effectively after an intrusion. Even more concerning, 12% admitted they had no response plan at all and reacted only spontaneously.

Gerard Russell, Asia Pacific Chief Technology Officer at Commvault, commented: “This highlights a serious disconnect between confidence and capability.” He warned that even the best cybersecurity defense strategies can crumble under real-world pressure if not regularly tested and integrated into daily operations.

The Asia-Pacific region is currently a hotspot for cyberattacks globally. While businesses are accelerating their digital transformation, such as deploying cloud computing, regulations related to artificial intelligence (AI) are becoming increasingly stringent, making the management of data infrastructure and cybersecurity defense capabilities more complex.

The report indicates that in Singapore, nine out of ten businesses believe they are capable of withstanding a cyberattack, a nearly identical figure in Malaysia. However, the reality is that many businesses still struggle with a rapid and comprehensive recovery.

72% of businesses believe they can resume operations within 5 days of a network outage, with nearly a quarter optimistically predicting a full recovery within just 12 hours. However, according to IT executives, restoring even minimal operational levels typically takes 3 to 4 weeks.

Worse still, only 30% of organizations test all critical workloads as part of their incident response plan (IRP), leaving significant gaps in recovery capabilities. As a result, 85% of businesses have experienced data breaches, 50% have lost all access, and only 40% have fully recovered their data.

Businesses with poor resilience are twice as likely to lose data permanently and 34% more likely to be completely locked out of their systems compared to the average.

As Asia continues to accelerate its digital transformation, the question is no longer whether a cyberattack will occur, but whether businesses are truly prepared when it does.