Sunday, 31 August 2025
31.3 C
Singapore
34.1 C
Thailand
25.6 C
Indonesia
28.1 C
Philippines

Most Asian firms overestimate cyber readiness, Commvault report finds

Commvault study reveals most Asian firms overestimate cyber readiness, with many unprepared when real-world attacks strike.

Most business leaders in Asia believe their organisations are prepared for a cyberattack, but a new report from Commvault suggests that confidence often fades during a real-world incident. The study, titled The State of Data Readiness – Continuous Business in Focus, highlights a significant gap between perceived readiness and actual resilience when enterprises face cyber threats.

Commissioned by Commvault and conducted by Tech Research Asia, the report surveyed organisations across the region, including in Singapore and Malaysia. While 90% of Singaporean firms and nearly as many in Malaysia claimed to be prepared, only 27% and 37% respectively were able to respond effectively when a breach occurred. Meanwhile, 12% admitted they had no clear response plan and were left scrambling.

Gareth Russell, Field CTO for APAC at Commvault, noted that preparation alone is not enough. “One thing is very clear. Once a breach occurs, even the most meticulously crafted plans can fall apart,” he said. “In today’s dynamic and increasingly complex digital landscape, maintaining continuous operations is non-negotiable. Organisations must elevate their cybersecurity maturity by regularly testing incident response plans, auditing AI tools for risk, and building strong data management foundations. Resilience isn’t a one-time effort; it must be embedded into the fabric of everyday operations.”

Resilience gap grows as attacks and data sprawl increase

The findings come as the Asia Pacific region continues to face the highest volume of cyberattacks globally. According to IBM’s threat intelligence report, the region was the most attacked in 2024. At the same time, many organisations are grappling with a sharp increase in data volume and complexity. Data across Asia grew by 40% in the past year, with 63% of businesses now operating in hybrid or multi-cloud environments.

Despite this shift, 38% of organisations say they lack full visibility into the relationships, metadata, and dependencies within their cloud infrastructure—details that are critical to any coordinated recovery effort.

The report also found that 72% of executives believe their organisations could recover from a cyberattack within five days. Nearly a quarter expect to do so in just one day. However, IT leaders estimate that it typically takes three to four weeks to restore even a minimal level of operations.

Although 85% of companies have incident response plans, only 30% test all their mission-critical workloads. This lack of preparation often results in serious consequences. According to the survey:

  • 83% experienced data exfiltration
  • 50% lost access to all their data
  • Only 40% managed to recover 100% of their data

Organisations with lower recovery maturity were more than twice as likely to fail to recover fully and were 34% more likely to be locked out of systems entirely.

Michel Borst, Area Vice President for Asia at Commvault, said the gap between confidence and capability is dangerous. “Boards and executive teams are placing big bets on digital and AI transformation, but recovery is where those bets are won or lost,” he said. “Confidence without capability can lead to business failure when the worst happens. What organisations need is minimum viable readiness—a baseline level of cyber resilience so they can respond, recover, and resume operations following an attack.”

Growing pressure from compliance and regulation

Beyond technical recovery, the post-breach environment is becoming increasingly complex due to growing regulatory demands. The report found that 52% of organisations in Asia are subject to at least four different compliance regimes, including frameworks like APRA and SoCI. A further 10% were unsure of their regulatory obligations.

Cross-border data transfer regulations are also creating compliance challenges, with 53% of organisations reporting conflicting requirements across different geographies. This has made compliance readiness a critical part of broader cyber resilience planning.

As the region continues to embrace cloud adoption and digital transformation, Commvault’s findings suggest that many businesses still have a long way to go in bridging the gap between planning and practice.

Hot this week

ASUS introduces NUC 15 Performance mini PC in Singapore

ASUS launches the NUC 15 Performance mini PC in Singapore, offering Intel Core Ultra processors, RTX graphics, and Wi-Fi 7.

Google rolls out QR code verification for secure messaging

Google is testing QR code verification in Messages, making it easier for users to confirm the identity of contacts and secure RCS chats.

Synology introduces AI-powered Office Suite with new AI Console

Synology updates its Office Suite with AI-powered MailPlus, Office, and a new AI Console to boost productivity while ensuring data privacy.

Anthropic warns hackers exploited its Claude AI chatbot for large-scale ransomware and phishing attacks

Anthropic warns that hackers exploited Claude AI to create ransomware and phishing campaigns, targeting at least 17 companies.

Atome Financial achieves record profit and revenue growth in 2024

Atome Financial posts record US$236M profit in 2024, with revenue growth accelerating past US$500M in Q2 2025.

Researchers show how 5G phones can be downgraded to 4G in a new cyberattack

Researchers have revealed a toolkit that can downgrade 5G phones to 4G, exposing them to known security flaws and raising concerns about mobile security.

Meta introduces new AI safeguards to protect teens from harmful conversations

Meta is strengthening AI safeguards to prevent teens from discussing self-harm and other sensitive topics with chatbots on Instagram and Facebook.

ChatGPT to introduce parental controls as AI safety concerns rise

OpenAI is introducing parental controls for ChatGPT, addressing growing concerns about the safety of AI chatbots and their impact on young users.

Japan uses an AI simulation of Mount Fuji’s eruption to prepare citizens

Japan uses AI to simulate a Mount Fuji eruption, showing its potential devastation and promoting disaster preparedness.

Related Articles

Popular Categories