More than half (54%) of companies in the Philippines have made cybersecurity among its priority in terms of budget spending. This is among the most significant findings in Palo Alto Network’s online survey among companies in Southeast Asia.

Conducted in February, prior to the imposed quarantines to curb the spread of the virus that causes COVID-19, the survey also saw that almost half of the businesses (43%) allotted the majority of their IT budgets to cybersecurity. This spending was attributed to the need to upgrade existing security frameworks to automated technologies (67%), a growing volume of cyberthreats (63%), and the result of cyber risk assessment (57%).

“We found out that the budget is earmarked toward upgrading the security system and tools,” said Oscar Visaya, country manager, the Philippines, Palo Alto Networks.

Palo Alto Networks unveils ML-powered next-generation firewall

Tips on how companies can secure work environment

The survey was conducted among 400 respondents holding a range of management and IT-related roles, representing enterprises from a diverse range of industries and sizes. There were 100 respondents each from Thailand, Indonesia, Philippines and Singapore.

Visaya said companies have realized that the security landscape is “very complex” that there is a need for more visibility in order to address and prevent any security incidents in the future.

Threat landscape

“We also realize that the threat landscape is evolving and it continues to change,” Visaya said. “As the cyber attackers are getting more of these new technologies like machine learning to be in their hands, they’re now using it against us.”

Companies have matured in terms of their security perspective by choosing to invest in cloud-native security tools (47%). Also, nearly half of the respondents said they invest in emerging solutions such as software-defined wide-area network security (42%). This is to complement existing solutions such as anti-malware and antivirus tools (86%) as well as next-generation firewalls (59%).

Employee awareness

While security officers have matured in their security postures, non-IT employees are still a bit behind in terms of cybersecurity awareness. The survey reveals that over half (58%) of employees still lack awareness of the dangers posed by a weak security.

“When we talk about employee awareness, it’s not just about understanding what needs to be done in terms of the cyber hygiene,” Visaya said. “But also at the same time, there is an increasing internal threat that customers are seeing, because of the evolving threat landscape.”

The survey also found there are still risks from third-party service providers and suppliers, making companies increasingly vulnerable (45%), while IT departments have other priorities on which to focus (33%).

Likewise, the Philippines have the most organizations (93%) that clearly communicate their cybersecurity SOPs with their employees. As such, less than half (45%) of the Philippine respondents believe that their company is susceptible to cyberattacks, which is in line with the country’s high scores for confidence.