According to Crowdstrike’s 2020 Asia-Pacific and Japan State of Cybersecurity Report, cybersecurity is one of the top three concerns of local businesses for the next six months aside from matters relating to the economy and the next wave of COVID-19. Eighty-six percent of business leaders in the country see cybersecurity measures as a “top priority.”
“While most organizations in the Philippines have changed their IT (information technology) environments to accommodate remote workers, 37 percent still have not changed their security programs due to COVID-19, potentially exposing their organizations to cyber risks from new and more sophisticated attacks,” the report says.
Despite limited financial capacity, 76 percent of companies expect cybersecurity spending to increase now that digital platforms have become their main business avenue. Challenges concerning remote work, new regulations, compliance costs, and necessary upgrades will have to be dealt with to adapt to the online business setup.
“While most organizations in the Philippines have changed their IT (information technology) environments to accommodate remote workers, 37 percent still have not changed their security programs due to COVID-19, potentially exposing their organizations to cyber risks from new and more sophisticated attacks,” the report says.
Gene Yu, CEO of digital forensic and cyber crisis firm Blackpanda, warns that cyber attackers will take advantage of this transitionary period, imitating on-boarding teams, phishing confidential information, and causing further loss to businesses.
According to a 2019 Verizon report, 43 percent of all cyber attacks are against small to medium enterprises (SMEs). Yu believes that SMEs can prevent this by starting with low-hanging fruit such as consistently updating software, enabling multi-factor authentication across company log-ins, and installing antivirus protection and detection systems.
“Our research findings show that respondents understand these gaps and expect to address them during business recovery, going beyond ‘good enough’ security measures to ensure their employees remain secure against sophisticated threat activity—regardless of where they are located,” says Sherif El Nabawi, Crowdstrike’s vice president for engineering.