Being a 'hot spot' for cyber attacks, only 1/3 of Asian businesses have the ability to respond well

The Asia- Pacific region is now a hotspot for cyberattacks globally. (Image generated by AI)

The New Straits Times (Malaysia) quoted the annual report of Commvault – a company specializing in data resilience – saying that the gap between the perceived level of preparedness and the actual resilience of businesses in Asia is worrying.

According to a survey conducted by technology research and consulting firm Tech Research Asia (TRA), the majority of business leaders believe they are well-equipped to respond to cyber incidents. However, when testing their response plans, only one-third of the organizations surveyed responded effectively after an intrusion. In fact, 12% admitted that they had no response plan at all and responded spontaneously.

“This shows a serious mismatch between confidence and capability,” said Gerard Russell, CTO for Asia Pacific at Commvault, warning that even the best cyber defense strategies can fall apart under real-world pressure if they are not regularly tested and integrated into day-to-day operations.

The Asia-Pacific region is now a hotbed of cyberattacks globally. While businesses accelerate digital transformation, such as cloud computing deployment, regulations related to artificial intelligence (AI) are tightening, making data infrastructure management and cyber defense capabilities more complex.

In Singapore, nine out of 10 businesses believe they can withstand a cyber attack, with a similar proportion in Malaysia, the report said. However, the reality is that many businesses still struggle to recover quickly and fully.

72% of businesses believe they can resume operations within five days of a cyber incident, with nearly a quarter optimistic that full recovery will take just 12 hours. But according to IT managers, the reality is that it often takes three to four weeks to restore minimal operations.

Worse, only 30% of organizations fully test critical workloads as part of their incident response plans (IRPs), leaving gaps in resiliency. As a result, 85% of businesses have experienced a data breach, 50% have lost all access, and only 40% have fully recovered their data.

Businesses with poor resilience are twice as likely to experience permanent data loss and 34% more likely to be completely locked out of their systems than the general population.

As Asia continues to push digital transformation, the question is no longer whether a cyberattack will happen, but whether businesses are truly ready when it does.