What governments can do
Cybersecurity executives currently spend 7 per cent of their time on regulatory and compliance and twice the amount of time on cyber monitoring and operations. A safer and lower risk cyber environment can help to redirect their attention to more critical cyber domains. Governments across the region have a range of tools to help organisations better prepare for cyber threats and get their digitalisation projects back on track:
1. Leading by example
Governments are the fastest growing spenders on security in the region. With critical digital services increasingly central to governments around the region, spending alone is not sufficient. Lawmakers should consider broader governance structures that support any cyber strategy from transformation to compliance to talent recruitment.
2. Regulatory harmonisation
Cybercrimes can originate from any part of the world and are often difficult to investigate and prosecute. Regulatory harmonisation between sectors facilitates proactive cyber security strategies that contribute to stronger preparedness across the region and ultimately lead to greater enforcement of local laws—even in foreign jurisdictions.
Government procurement practices have an influence on the broader private sector. By implementing minimum cyber security criteria, there is an opportunity to identify potential flaws in the sourcing process and reduce overall costs of responding to a cyberattack.
Regional variation in reporting standards increases the regulatory burden on businesses operating in the region. Reporting regulation must ensure companies operate under the best standards of data protection without imposing burdensome restrictions on their day-to-day operations.
5. Developing skills
APAC represents the largest regional skills shortage in the world with 2.6 million fewer workers than required. In comparison the second largest shortage was found in Latin America which requires another 600,000 workers. This presents tremendous opportunity to implement specialised cyber security training, both for those entering higher education and those retraining or upskilling.
John O’Mahony is Partner and Lead Author of this research from Deloitte Access Economics Australia
More information can be found in the Deloitte Cyber Smart: Enabling APAC businesses report, commissioned by VMware.