The Commvault, “The State of Data Readiness – Continuous Business in Focus,” highlights a troubling disparity between business leaders' confidence in their cybersecurity preparedness and their actual readiness to respond effectively to cyberattacks.
Conducted by Tech Research Asia, the report reveals that while a significant majority of leaders in Singapore and Malaysia believe they have robust plans in place, the reality often falls short when those plans are tested.
The survey found that 90% of organisations in Singapore and nearly as many in Malaysia feel capable of withstanding a cyber breach. However, only 27% of Singaporean and 37% of Malaysian enterprises were prepared to respond effectively when faced with an actual attack. Alarmingly, 12% reported they had no established response plan, leaving them to react in a state of panic.
This resilience gap is particularly concerning given that Asia Pacific was identified as the most attacked region globally in 2024, according to IBM’s threat intelligence report. As organisations accelerate their cloud adoption, the volume of data is soaring—growing by 40% last year—while many lack visibility into the dependencies and relationships within their cloud environments.
This lack of visibility is critical for effective incident recovery, with 38% of organisations admitting to insufficient insights across their multi-cloud infrastructures.
“Once a breach occurs, even the most meticulously crafted plans can fall apart,” emphasised Gareth Russell, field CTO for APAC at Commvault. He urged organisations to elevate their cybersecurity maturity by regularly testing incident response plans and auditing AI tools for associated risks.
While 85% of organisations claim to have incident response plans, only 30% test these plans against mission-critical workloads. The discrepancy between expected and actual recovery timelines is stark; 72% of business leaders believe they can recover from a cyber event within five days, while IT leaders report that restoring minimal operations typically takes 3-4 weeks.
The repercussions of inadequate preparedness are severe: 83% of companies experienced data exfiltration, and only 40% successfully recovered all their data. Michel Borst, area vice president for Asia at Commvault, highlighted the necessity of operationalising resilience. “Confidence without capability can lead to business failure when the worst happens,” he warned.
The compliance landscape is becoming increasingly complex, with 52% of organisations subject to multiple regulatory requirements. This growing compliance burden adds another layer of complexity to the recovery process, underscoring that resilience today requires not only technological readiness but also compliance preparedness.
As the threat landscape evolves, organisations must bridge the gap between perceived readiness and actual resilience to safeguard their operations and reputations effectively.