by NURUL SUHAIDI / pic by BERNAMA

A NEW survey from Trend Micro Inc found that 73% of organisations in Malaysia are likely to experience data breach which will impact customer data in the next 12 months.

The poll, which is based on Trend Micro’s biannual Cyber Risk Index (CRI) report, assessed the gap between respondents’ cyber security preparedness and their likelihood of being attacked, in light of the elevated risk of cyber-attacks in the previous year.

In the first quarter of 2021 (1Q21), the CRI surveyed over 3,600 businesses from Asia-Pacific (APAC), North America, Europe and Latin America, across different size and industries.

The CRI was based on a numerical scale of -10 to 10, with -10 indicating the highest level of risk.

Trend Micro Malaysia and Nascent Countries MD Goh Chee Hoh said to lower cyber risk, organisations must be better prepared by going back to basics, identifying the critical data most at risk, focusing on the threats that matter most to their business, and delivering multi-layered protection from comprehensive and connected platforms.

“Once again, we have found plenty to keep the chief information security officers awake at night, from operational and infrastructure risks to data protection, threat activity and human-shaped challenges,” he said in a statement yesterday.

Key findings for Malaysia from the report include 58% who said it was somewhat very likely that they would suffer serious cyber-attacks in the coming 12 months.

Additionally, 30% noted that they have suffered more than seven cyber-attacks that infiltrated their networks or systems while 14% had more than seven data breaches of information assets.

Meanwhile, 21% suffered more than seven breaches of customer data over the past year, according to the survey.

In APAC, the top five cyber threats highlighted in the report recorded ransomware as being the highest threats, followed by watering hole attacks, advanced persistent threats (APT), malicious insiders and fileless attacks.

The top three negative outcomes of these attacks, according to APAC organisations, were disruption or damage to critical infrastructure, loss of intellectual property, and the cost of outside consultants and experts.

It added that the top security risks to infrastructure include malicious and negligent insiders, cloud computing infrastructure and providers, along with organisational misalignment and complexity.

However, the key hurdles for cyber security preparedness include limitations for security leaders who lack the authority and resources to achieve a strong security posture, as well as organisations struggling to enable security technologies that are sufficient to protect their data assets and IT infrastructure.