The latest study from Kroll, an independent provider of global risk and financial advisory solutions, shows that 75% of organizations in the Philippines have experienced a cyber incident, which makes it the second most cyber-vulnerable market in Asia Pacific region (APAC) after Malaysia with 76%.
The figures are much higher than the APAC average of 59%.
The greatest concern among organizations in the Philippines is data loss (70%). Respondents were also much more concerned about intellectual property (60%) while 60% of respondents cited business interruption as the most significant consequence of a cyberattack, 29% also cited regulatory fines, higher than in any other APAC country.
Malware (29%) and phishing (21%) rank top as the most common cause of cyber incidents in the Philippines.
The two most cited impacts of a cyber incident in the Philippines were business interruption (60%) and data loss (59%). Regulatory fines (29%) as a consequence of cyberattacks were also most cited for the Philippines when compared to the rest of the markets.
Security spending budgets
“Despite the number of cyber incidents, many companies still do not have a response plan in place if an incident were to occur, which leaves companies at the risk of being unable to handle an incident effectively and being vulnerable to further attacks,” said Jay Gomez, senior vice president, Cyber Risk, Kroll.
In response to a cyber incident, 36% of organizations in the region did not have an incident response playbook, a plan, or policies in place, and 38% did not have an appointed data protection officer or access to cyber security specialists on a retainer in Asia Pacific.
To address cybersecurity threats, the majority of organizations were planning to increase budgets (64%) and were moving to the cloud (65%).
“A combination of mitigation measures brought about by considered investment in cyber security, together with a trusted cyber security advisor, will go a long way to reducing the impact of cyberattacks and enable businesses in the Asia Pacific to recover more quickly. After all, the worst time to plan for an attack is during one,” said Paul Jackson, regional managing director of Asia Pacific, Cyber Risk, Kroll.