Cyber Crime & ForensicIdentity & AccessPress ReleaseThreat Detection & Defense

Proofpoint Report: 78% of Singapore Boards See Generative AI as Security Risk

Photo of CSA Editorial CSA Editorial Send an email October 20, 2023
4 minutes read

Proofpoint, Inc., a leading cybersecurity and compliance company, released its second annual Cybersecurity: The 2023 Board Perspective report, which explores the board of directors’ views on the global threat landscape, cybersecurity priorities, and relationships with Chief Information Security Officers (CISOs). The findings reveal that 89% of board members in Singapore believe they are at risk of a material cyber-attack in 2023, a notable increase from 66% last year and higher than the global average of 73%. Paradoxically, Singapore board members rank last amongst surveyed countries in terms of feeling prepared to cope with a cyber-attack despite ranking first in agreeing their organisation has adequately invested in cybersecurity.

This year-over-year change may reflect the ongoing volatility of the threat landscape, including lingering geopolitical tensions and rises in disruptive ransomware and supply chain attacks. The emerging risk of artificial intelligence (AI) tools such as ChatGPT may also be contributing to these sentiments: 78% of Singapore board members believe generative AI is a security risk for their organisation, significantly higher than the global average of 59%.

The Cybersecurity: The 2023 Board Perspective report examines global, third-party survey responses from 659 board members at organisations with 5,000 or more employees across different industries. In June 2023, more than 50 board directors were surveyed in each market from 12 countries.

According to the report, boards and CISOs in Singapore have different concerns about the biggest cyber threats to their organisation. Boards ranked malware (43%), ransomware (41%), insider threat (40%), and supply chain attacks (40%) as their top concerns, while CISOs view insider threat (35%), cloud account compromise (35%), and email fraud/business email compromise (32%) as the most worrying. Boards and CISOs are also still not entirely aligned: while both understand human error is a big risk, boards are much more confident in their organisation’s ability to protect data (86%) compared to CISOs (68%).

Yvette Lejins, Resident CISO, Asia Pacific and Japan at Proofpoint, said: “It is encouraging that boards and CISOs are generally more aligned when they do interact. However, now is not the time to grow complacent. As insider threats and supply chain attacks have become increasingly costly, it is important that organisations remain vigilant and take the necessary steps to break the attack chain by protecting their employees and defending sensitive data.”

The report also compares the board’s alignment with CISOs based on the sentiments uncovered in Proofpoint’s 2023 Voice of the CISO report released in May this year.

“The newfound alignment between board members and their CISOs on cyber risk and preparedness is a positive sign that the two sides are working closer together and making progress. However, this growing alliance hasn’t yet delivered significant changes in cybersecurity posture,” said Ryan Kalember, Executive Vice President of Cybersecurity Strategy at Proofpoint. “Our findings show that it remains a challenge to translate increased awareness into effective cybersecurity strategies that protect people and data. Boards must continue to invest heavily in improving preparedness and organisational resilience, which means pushing for even deeper, more productive conversations with CISOs to ensure directors are making informed, strategic decisions that drive positive outcomes.”

Key Singapore findings from Proofpoint’s Cybersecurity: The 2023 Board Perspective report include:

  • Generative AI has most of the boardroom’s attention: with tools such as ChatGPT getting much of the spotlight in recent months, 78% of surveyed Singaporean board directors view this emerging technology as a security risk to their organisation.
  • Year-over-year comparison shows Singaporean board members are much more concerned about cyber risk: 89% of those surveyed feel their organisation is at risk of a material cyber-attack, compared to 66% in 2022.
  • Awareness and funding do not translate into preparedness: 79% of Singaporean board directors agree that cybersecurity is a priority for their board, 89% believe their board clearly understands the cyber risks they face, 86% think they have adequately invested in cybersecurity, and 97% believe their cybersecurity budget will increase over the next 12 months. However, 81% still view their organisation as unprepared to cope with a cyber-attack.
  • Board members and CISOs have different concerns about their biggest threats: Singaporean board members ranked malware (43%), ransomware (41%), insider threat (40%), and supply chain attacks (40%) as their top concerns. This is mostly different from CISOs’ top concerns of insider threat (35%), cloud account compromise (35%), and email fraud/BEC (32%).
  • Directors are not aligned with CISOs in the areas of people risk and data protection: while most Singaporean board directors (68%) and CISOs (59%) agree that human error is their biggest risk, board members are much more confident in their organisation’s ability to protect data— 86% of directors share this view, compared to 68% of CISOs.
  • Improved security awareness and culture, bigger budgets, and additional cyber resources top boardrooms’ wish lists: 44% of Singaporean board directors said their organisation’s cybersecurity would benefit from improved security awareness and culture amongst employees, 43% would like to see a greater cybersecurity budget, and 38% would like additional cyber resources.
  • Board-CISO interactions and relationships are improving: 59% of Singaporean board directors say they interact with security leaders regularly. While a significant increase from last year’s 37%, it still leaves nearly half of all boardrooms without strong CISO-C-suite relationships. Board members and CISOs are generally aligned when they do interact, however, with 76% of board members saying they see eye-to-eye with their CISO and 60% of CISOs agreeing.
  • Personal liability is much more of a concern for boards than CISOs: 76% of Singaporean board directors expressed concern about personal liability in the wake of a cybersecurity incident at their own organisation, while only 56% of CISOs agree.
Tags
Photo of CSA Editorial CSA Editorial Send an email October 20, 2023
4 minutes read
Photo of CSA Editorial

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Sumsub

Sumsub, Elliptic Team Up to Tackle Crypto Financial Crime

November 29, 2024

Secure Your Bargains: Essential Tips for Staying Cyber Safe During Black Friday Sales

November 29, 2024
Financial Phishing

Financial Phishing Continues to Be Menace to SEA Companies—Kaspersky

November 28, 2024
Keeper Security

Williams Racing Chooses Keeper Security to Safeguard Data in Formula 1’s High-Stakes, Data-Driven World

November 28, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net