Sophos today released its Cybersecurity Playbook for Partners in Asia Pacific and Japan in collaboration with Tech Research Asia. The report analysed the priorities for businesses over the next 12 months, and the opportunities for partners to support these ambitions.
โThe ongoing prevalence of cyber threats has forced organisations to address a variety of their cybersecurity measures,โ said Cameron Reid, director, Channel Sales MSP, Sophos Asia Pacific and Japan. โThe report found that the top three areas of importance for businesses are strengthening cybersecurity posture around financial operations, improving risk management capabilities, and ensuring cybersecurity is robust enough to support digital transformation programs. Evidently, when businesses invest in new technologies, it is front of mind that this is done in a secure manner to ensure potential attack surfaces are protected.โ
As organisations continue their digital transformation journey by implementing technologies such as artificial intelligence (AI), they are concerned about how cybercriminals are doing the same. The report found AI-augmented cyberattacks are considered the most worrying cyber threats for organisations in all markets except Australia (ranking third behind credential theft and phishing/social engineering).
Worryingly, less than three-in-ten (28%) of Australian organisations surveyed believe they have the skills to deal with AI threats, and just one-in-ten (10%) believe they have a comprehensive AI and automation strategy in place. To combat these AI skills shortages, 45% of organisations across the APJ region are looking to outsource to partners to support them and 49% intend to train and develop in-house skills with the assistance of partner supported training and education.
Demand For MSP Support Is Strong
In the next 12 months, 83% of Australian organisations expect to have their cybersecurity budget increase and 50% of APJ organisations intend to invest more into third-party managed security services to consolidate and manage tech stacks, enhance security capabilities, and alleviate in-house pressures.
The top product and solution areas attracting increased budgets are:
- Infrastructure and network security (62% are increasing budgets)
- Threat detection and response (61%)
- Application and security (56%)
- Identity access management (53%)
- Incident response and recovery (50%)
In terms of vendor environments, only 20% of surveyed organisations use just one vendor for their cybersecurity needs, with one-in-three (33%) using three or more. Multi-vendor environments will increase in the next 12 months as organisations move towards flexible and tailored commercial constructs from partners.
Additionally, Australian organisations are looking for partners with strong security skills. More than two-thirds (68%) of Australian organisations surveyed said they are unlikely to engage a partner that had been breached or suffered a security incident themselves. Of the companies that will still engage a breached partner, 60% will include extra performance clauses and specific service level agreements.
โSince adversarial behaviours are always evolving, it is essential that organisations get the support they need to address all aspects of cybersecurity and continue to consistently evaluate and maintain strong defences against the latest cyberattacks,โ added Reid. โThe research shows companies understand they need help building ongoing cyber resiliency and are looking to partners fill their in-house gaps. This means MSPs have an opportunity to win and maintain business by presenting their strong technical cybersecurity skills, knowledge of the threat landscape, and an ability to help customers and prospects stay secure so they can focus on their business operations and goals.
