The C-suite guide to simplifying for cyber readiness
The past year has been one of the most challenging ones for cybersecurity. The ups and downs of the continued pandemic had an immense impact on organisations, changed the way employees work and brought with it new cyber risks. Majority of organisations are aware of the risks with an average of 62% of respondents surveyed expecting a significant rise in reportable incidents next year above 2021 levels (Source: Digital Trust Insights 2021). Beyond just the number of attacks, the intricacies of the attacks were more sophisticated.
However, the increasing interdependence of organisation’s systems create more complexity and magnify the effects of a cyber attack. As a result, 90% of Singapore respondents in our 2022 Global Digital Trust Insights Survey say that too many avoidable, unnecessary organisational complexities pose “concerning” cyber and privacy risks.
This year’s Digital Trust Insights Survey - Singapore report offers organisations and C-suites a guide to simplifying for cyber readiness.
To answer this question, it is essential to examine the role of the CEO with regards to cybersecurity. 38% of non-CEO respondents in Singapore require ‘significant support’ from their CEO to ‘embed cyber and privacy in key operations and decisions of the organisation’, and 34% require their CEO to ‘connect with confidence with customers and business partners’ and ‘ensure adequate resources, funding, and sufficient priority’.
In the context of rising cyber breaches and security threats, managing complexity is a key focus for organisations. This is particularly true for Singapore where an estimated 90% of Singapore respondents say that their operations were at “avoidable, unnecessary levels of complexity” as compared with 80% of respondents for the global and Asia-Pacific (APAC) regions.
As cyber-attacks become more frequent, organisations must strategically identify their most pertinent risks and guard against them. In Singapore, 37% of respondents indicated that “Use of generally accepted standards and frameworks in assessment and diagnostic tools” are critical in making decisions about cyber investments and responding to cyber risk.
As organisations are increasingly collaborating with third parties, it is critical to understand the types of third party risks and have a third party risk management system in place. Generally, Singapore respondents ranked higher in their level of understanding of third party risks as compared to global respondents - 63% of respondents in Singapore said they refined their criteria for onboarding assessments.‘ 54% rewrote contracts with certain third parties to mitigate risks, and 46% audited and verified the security posture and compliance of third parties or suppliers.
