Cyberattacks to cost country huge losses
A new study reveals the economic cost of cybersecurity breaches in Malaysia due to gaps in security strategies.
CYBERSECURITY breaches could cost the country more than 4% of its GDP (gross domestic product) or about US$12.2bil (RM49.24bil) in losses annually, according to a study.
The study reveals that more than half of the organisations surveyed in Malaysia have either experienced a cybersecurity incident (17%) or are not sure if they had one as they have not performed proper forensics or data breach assessment (36%).
The ‘Understanding The Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World’ study is the result of a collaboration between Microsoft and market research firm Frost & Sullivan.
“As companies embrace the opportunities presented by Cloud and mobile computing to connect with customers and optimise operations, they take on new risks,” says Microsoft Malaysia national technology officer Dr Dzahar Mansor.
The study found that large organisations (more than 500 employees) incurred the biggest losses. They lost up to US$22.8mil (RM92.13mil) – 630 times higher than mid-sized organisations (250 to 499 employees) which lost on average about US$36,000 (RM145,600).
Dzahar says the losses correlate to the size of an organisation because bigger companies have larger troves of data that can be stolen.
He added that the bulk of companies in Malaysia are SMEs (small medium enterprises) and though they suffered smaller losses, collectively they lost the most data.
“With traditional IT boundaries disappearing, adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation,” says Dzahar.
In addition to financial losses, cybersecurity incidents are also undermining Malaysian organisations’ ability to compete in the digital economy, as more than three in five (62%) respondents stated that their company has put off digital transformation efforts due to the fear of cyber risks.
Cybersecurity attacks have also resulted in job losses for three in five (61%) of the organisations that have experienced an incident over the last 12 months.
CyberSecurity Malaysia (CSM) chief executive officer Datuk Dr Amirudin Abdul Wahab says most companies treat security as an afterthought or totally lack security strategies.
He added that around 80% of SMEs don’t invest in cybersecurity solutions, which is worrying as it could impact others in the eco-system when they are compromised.
CSM recommends companies to continuously review compliance, invest in security fundamentals such as training, and to even consider leveraging AI (artificial intelligence) to enhance security.
The study surveyed 1,300 respondents from 13 markets, including Malaysia, China, Hong Kong, India, Japan and Australia.
The respondents were made up of business decision-makers (44%) like CEOs and chief operating officers, and IT decision-makers (56%) such as chief information officers and IT directors.