A study commissioned by Microsoft revealed that huge cybersecurity breaches can result in economic losses to organizations in the Philippines.
The Frost & Sullivan study titled “Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World” reported that the potential economic loss in the Philippines due to cybersecurity incidents can hit a staggering US$3.5 billion, which is 1.1 percent of the country’s total GDP of US$305 billion.
The study also found out that a large-sized organization in the Philippines may suffer an economic loss of US$7.5 million and that cybersecurity attacks have led to job losses in seven out of ten (72 percent) organizations over the last year. Half of the organizations surveyed in the Philippines have either experienced a cybersecurity incident (18 percent) or are not sure due to the lack of proper forensics or data breach assessment (34 percent).
Some 1,300 business and IT decision makers ranging from mid to large-sized organizations participated in the said study which aims to provide business and IT decision makers with insights on the economic cost of cybersecurity breaches in the region and identify the gaps in organizations’ cybersecurity strategies.
“With traditional IT boundaries disappearing, the adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation —as has been made all too clear by recent high-profile breaches,” said Hans Bayaborda, Managing Director, Microsoft Philippines during the study launch recently at the Grand Hyatt in Bonifacio Global City.
Frost & Sullivan calculated the cost of cybercrime based on an economic loss model that included macroeconomic data and insights shared by the survey respondents.
Three kinds of losses which could be incurred due to a cybersecurity breach are direct (financial losses like loss of productivity, fines, remediation cost), indirect (opportunity cost to the organization such as customer churn due to reputation loss), and induced (impact of cyber breach to the broader ecosystem and economy, such as the decrease in consumer and enterprise spending).
“Although the direct losses from cybersecurity breaches are most visible, they are but just the tip of the iceberg,” said Edison Yu, Vice President and Asia Pacific Head of Enterprise for Frost & Sullivan. “There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organizations suffering from cybersecurity attacks can be often underestimated.”
Fifty-seven percent of those surveyed said that fear of cyber-risks has deterred the digital transformation of Philippine organizations and their ability to capture future opportunities in today’s digital economy. Data exfiltration and data corruption are the biggest concerns as these have the highest impact on the slowest recovery time.
According to the research, there are key gaps in the organizations’ cybersecurity approach. These gaps include putting security only as an afterthought, creating a complex environment, and a lack of cybersecurity strategy.
“The ever-changing threat environment is challenging, but there are ways to be more effective using the right blend of modern technology, strategy, and expertise,” said Bayaborda.
“Microsoft is empowering businesses in the Philippines to take advantage of digital transformation by enabling them to embrace the technology that’s available to them, securely through its secure platform of products and services, combined with unique intelligence and broad industry partnerships,” he added.
The five best practices against cyber attacks are to position cybersecurity as a digital transformation enabler; invest in strengthening security fundamentals; maximize skills and tools by leveraging integrated best-of-suite tools; assessment, review and continuous compliance; and leverage Artificial Intelligence (AI) and automation to increase capabilities and capacities.
In particular, AI is seen as a potent solution against cyber attacks as it can detect and act on threat vectors based on data insights. In fact, four in five (79 percent) organizations in the Philippines have either adopted or are looking to adopt an AI approach towards boosting cybersecurity.