Despite witnessing improved cyber risk levels, a significant majority of organizations in the Asia Pacific (APAC) remain vigilant against cyber threats. According to the latest survey conducted by cybersecurity solutions company Trend Micro, 82% of respondents are expecting successful cyber attacks within this year.

The report finds that enhanced cyber preparedness is a key driver of improved cyber risk levels. The Trend Micro report indicates that cyber risk levels shifted from “elevated” to “moderate” in the region. While the Philippines still lingers within the “elevated” risk category, it exhibits indications of advancement and readiness against cyber threats, at least in the first half of 2022.

In Trend Micro’s cyber risk index, the classification of “elevated” corresponds to a score range of -5.00 to 0.00. This classification suggests a high likelihood of a compromise, a certain level of ability to detect novel threats, limited visibility of threats within the network, and an absence of a comprehensive incident response process.

Trend Micro: Cybercrime groups adopt corporate-like setup
Trend Micro warns of ransomware targeting industrial control systems

Trend Micro’s biannual Cyber Risk Index report surveyed more than 3,700 CISOs, IT practitioners, and managers across North America, Europe, Latin/South America, and APAC.

“We have seen a drastic improvement in the APAC cyber risk index since the first half of 2022, with figures moving into positive territory at 0.05 from negative levels,” Nilesh Jain, vice president, Southeast Asia & India, Trend Micro, said in a media release. “This means that organizations have greatly stepped up to improve their cyber preparedness. It is crucial for organizations to continue this momentum by focusing on the threats that matter most to their business this year.” 

Cyber threats

The report also found that 3 in 4 organizations said it was “somewhat to very likely” that they would suffer a breach of customer data (74%), intellectual property (74%) or a successful cyberattack (82%). “These figures represent declines of just 2%, 4%, and 7% respectively, from the results of the CRI in the first half of 2022,” Trend Micro said.

Ransomware remains among the top 5 cyber threats in organizations in the Philippines (1st) and APAC (2nd). In the region, Business Email Compromise (BEC) ranks as the foremost cyber threat according to businesses.

Across APAC and the Philippines, the primary infrastructure risks identified are people-related. In these areas, employees/personnel are identified as 3 of the top 5 infrastructure risks.

Attack surface

“To address new complexities arising from an expanding attack surface, security teams need to bolster their capabilities in proactive attack surface risk management,” Jain noted.

He also emphasized that organizations can consider having a unified cybersecurity platform with extended detection and response (XDR) capabilities on top of architecture improvements if they want these cyber risk levels to continue. This will enable security teams to have enhanced visibility against cyber threats across internal and external systems, accounts and devices.

“This would give organizations a leg-up in understanding, communicating, and mitigating expected risks,” Jain said.