Companies should bolster cybersecurity budgets in transformation plan - KPMG

KUALA LUMPUR – Companies in Malaysia should revisit their overall cost efficiency and bolster funds for cybersecurity as part of their digital transformation plan, KPMG Management and Risk Consulting Sdn Bhd said, reported Bernama.

Its head of cyber, Jaco Benadie, said achieving cost efficiency while maintaining robust cyber defence capability controls is a complex task in the middle of a pandemic.

“While organizations significantly increased their investments into digital adoption last year to cope with new normal, cybersecurity tends to be regelated as an afterthought in favour of enabling customer engagement online and improving employee mobility,” he said in a statement yesterday.

Citing the recent hacktivist group threat towards the government, Benadie said the government’s initiative to increase cybersecurity uptake among businesses through the Malaysian Digital Economy (MyDigital) blueprint showcased its commitment to double down against cyber threats.

“Not only do organisations face mounting cost pressures due to movement control restrictions, but they also need to ensure their security can defend against adversaries in the evolving threat landscape. This means they have to invest adequately and can strike the right balance in their budgets,” he added.

According to KPMG, a total of 10,790 incidents were reported to CyberSecurity Malaysia last year.

“A worrying global trend, including Malaysia, is the increase in ransomware attacks. The Financial Times reported that cybercriminals profited more than US$350 million (US$1=RM4.12) in 2020 alone, a 311% increase from 2019,” it said.

Therefore, KPMG in its latest report, ‘Security through a downturn’, has listed five challenges and corresponding strategies that chief information security officers (CISOs) should consider, namely cash preservations, third-party security spend, cybersecurity tools and abundance of project, regulatory and compliance obligations, and security processes.

“Organisations, especially CISOs, should plan their technology investments strategically to achieve significant long-term returns.”

“This not only enables commercial operations to continue uninterrupted but also safeguard the hard-earned trust placed on the company by their customers,” said Benadie.