Singaporean organisations are ramping up their spending in cybersecurity according to new research from KnowBe4 reporting investment in cyber security measures is rising, with 87% of respondents expressing their intention to invest in or allocate funds toward cybersecurity in 2024. This marks a significant uptick from 72% reported the previous year in 2022.
Despite the increased investments, however, the research uncovers concerning trends in cybersecurity awareness and preparedness among Singaporean organisations. Interestingly, 51% (up from 45% in 2022) of Singaporean IT decision-makers say they are concerned about phishing, perceiving it as a significant risk to their organisations, and 38% are concerned with business email compromise (BEC) down from 40% in 2021).
Alarmingly, 45% - down from 47% in 2022 and 54% in 2021) of Singaporean IT decision-makers believe the employees in their organisations understand the business impact of their businesses falling victim to a cyber-attack, and worryingly only 38% are confident their employees can identify phishing and BEC emails (37% in 2022 and 43% in 2021) and (40%) of employees report all emails they believe to be suspicious (41% in 2022 and 40% in 2021).
David Bochsler, VP of sales APAC at KnowBe4 opined that as one of the most interconnected countries in the world, Singapore is a prominent target for cyber-attacks and cyber-crime. “The planned increase in cyber spend demonstrates that protecting organisations remains a high priority for Singaporean IT professionals. As the nation accelerates its digitisation efforts, there is a heightened sense of urgency to shield organisations from evolving cyber threats,” he added.
Investment in cybersecurity awareness training
Of those who are planning on spending money towards cybersecurity in 2024, the most popular area of investment is to spend funds on a cybersecurity awareness training program with ongoing and relevant content (64% - up from 56% in 2022 and 65% in 2021), followed by new cybersecurity software solutions (61% - up from 54% in 2022 and 57% in 2021), and employee policy changes related to cybersecurity (55% - same as in 2022, and 47% in 2021).
Other areas of investment include cybersecurity insurance (50% - up from 36% in 2022 and 55% in 2021), simulated phishing and social engineering for end users (49% - up from 42% in 2022 and 44% in 2021), and further investment in infrastructure (45% - up from 40% in 2022 and 55% in 2021).
"With an emphasis on spending cybersecurity funds on security awareness training, it is clear that employees’ behaviour is a major concern when it comes to cybersecurity risk. There is no one-stop solution for cyber protection. Rather, organisations should focus their efforts on ultimately creating a strong security culture,” said Bochsler.