Sophos research finds 83% of organisations’ cybersecurity budgets will increase in the coming 12 months, and 50% will increase spend with MSPs
Sophos unveiled its Cybersecurity Playbook for Partners in Asia Pacific and Japan, in collaboration with Tech Research Asia. The report analysed the priorities for businesses over the next 12 months.
“The ongoing prevalence of cyber threats has forced organisations to address a variety of their cybersecurity measures,” said Cameron Reid, director, Channel Sales MSP, Sophos Asia Pacific and Japan. “The report found that the top three areas of importance for businesses are strengthening cybersecurity posture around financial operations, improving risk management capabilities, and ensuring cybersecurity is robust enough to support digital transformation programs. Evidently, when businesses invest in new technologies, it is front of mind that this is done in a secure manner to ensure potential attack surfaces are protected.”
The report indicates that nearly 80% of Malaysian businesses have implemented cloud security measures, the highest percentage in the Asia-Pacific and Japan (APJ) region. As organisations continue their digital transformation journey by implementing technologies such as artificial intelligence (AI), they are concerned about how cybercriminals are doing the same. Notably, the report found that AI-augmented cyber-attacks are considered the most worrying cyber threats for organisations in Malaysia, with over 70% expressing this concern.
Less than one-in-two (45%) of APJ organisations surveyed believe they have the skills to deal with AI threats, and just over one-in-five (22%) believe they have a comprehensive AI and automation strategy in place. To combat these AI skills shortages, 45% of organisations are looking to outsource to partners to support them and 49% intend to train and develop in-house skills with the assistance of partner supported training and education.
Demand for MSP support is strong
In the next 12 months, 83% of APJ organisations expect to have their cybersecurity budget increase and 50% intend to invest more into third-party managed security services to consolidate and manage tech stacks, enhance security capabilities, and alleviate in-house pressures.
The top product and solution areas attracting increased budgets are:
- Infrastructure and network security (62% are increasing budgets)
- Threat detection and response (61%)
- Application and security (56%)
- Identity access management (53%)
- Incident response and recovery (50%)
In terms of vendor environments, only 20% of surveyed organisations use just one vendor for their cybersecurity needs, with one-in-three (33%) using three or more. Multi-vendor environments will increase in the next 12 months as organisations move towards flexible and tailored commercial constructs from partners.
Organisations are looking for partners with strong security skills. Almost 60% of organisations surveyed said they are unlikely to engage a partner that had been breached or suffered a security incident themselves. Of the companies that will still engage a breached partner, 81% will include extra performance clauses and specific service level agreements.
“Since adversarial behaviours are always evolving, it is essential that organisations get the support they need to address all aspects of cybersecurity and continue to consistently evaluate and maintain strong defences against the latest cyberattacks,” added Reid.
“The research shows companies understand they need help building ongoing cyber resiliency and are looking to partners fill their in-house gaps. This means MSPs have an opportunity to win and maintain business by presenting their strong technical cybersecurity skills, knowledge of the threat landscape, and an ability to help customers and prospects stay secure so they can focus on their business operations and goals.