AI-Powered Data Breaches a Growing Concern for Businesses in Asia Pacific

Singapore, October 8, 2024 - Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, today released a new study focused on cybersecurity in Asia Pacific. The report, called "Navigating the New Security Landscape: Asia Pacific Cybersecurity Readiness Survey," shares the latest data on cybersecurity preparedness in the region, revealing how organizations are coping with ransomware, data breaches, and complexities brought about by Artificial Intelligence (AI).

Data Breaches on the Rise: How Companies Are Paying the Price

The survey found that 41% of respondents across Asia Pacific said their organization experienced a data breach in the past 12 months, with 47% indicating they suffered from more than 10 data breaches. Of these, the industries that experienced the most data breaches included Construction and Real Estate (56%), Travel and Tourism (51%), and Financial Services (51%). Threat actors most frequently target customer data (67%), user access credentials (58%), and financial data (55%). Furthermore, the study reveals that 87% of respondents are concerned about AI increasing the sophistication and severity of data breaches.

AI: Changing the Threat Landscape

While AI boosts organizational efficiency, many fear that cybercriminals will increasingly exploit this technology, with 50% of our respondents anticipating AI will be used to crack passwords or encryption codes. Additionally, 47% believe AI will enhance phishing and social engineering attacks, while 44% expect it to advance DDoS attacks. Lastly, 40% foresee AI playing a role in creating deepfakes and facilitating privacy breaches.

Facing these evolving and diverse threats, 70% of respondents report their organizations are adapting how they operate. Key areas impacted by AI include governance and regulatory compliance (40%), cybersecurity strategy (39%), and vendor engagement (36%). Cybersecurity leaders are gearing up to tackle AI-driven risks, with every respondent expecting to deploy at least one AI-related security tool or measure. Top priorities include hiring generative AI analysts (45%), investing in threat detection and response systems (40%), and enhancing SIEM systems (40%). IT vendors remain critical, as 66% of respondents have already sought AI solutions from them.

Ransomware: A Rising Threat in Asia Pacific

Ransomware remains a growing concern across the entire region. The study reveals that 62% of organizations hit by ransomware paid the ransom, even though 70% had publicly vowed not to. Overall, a compromised Remote Desktop Protocol or VPN server (47%) proved to be the most common means of entry by threat actors.

There are significant variations across the region, though, with organizations in India (69%), Hong Kong (67%), Malaysia (50%), and Indonesia (50%) are most likely to pay ransoms, while South Korea (19%), Japan (19%), and New Zealand (22%) are the least likely to give in to ransomware demands.

"Cybersecurity leaders face growing pressure from cyberattacks, stricter regulations, and limited resources. To protect their organizations, they must constantly assess talent, budgets, and solutions," said Grant Bourzikas, Chief Security Officer at Cloudflare.

Rising Regulatory Demands: Consuming Time and Resources

"Regulation" and "compliance" also emerged as important themes in this year's study. The survey shows that 43% of respondents said they spend more than 5% of their IT budget to address regulatory and compliance requirements. In addition, 48% of respondents reported spending more than 10% of their work week keeping pace with industry regulatory and certification requirements. However, this investment in regulatory compliance has had a positive impact on businesses, such as improving organisation's baseline privacy and/or security levels (59%), improving the integrity of organisation's technology and data (57%), and improving the organisation's reputation and brand (53%).

To find out more about the APAC Cybersecurity Study, please check out:

• Whitepaper download

Survey Methodology

This survey was conducted on behalf of Cloudflare across a total of 3,844 cybersecurity decision-makers and leaders from small (250 to 999 employees), medium (1,000 to 2499 employees), and large (more than 2,500 employees) organisations. Respondents were drawn from a wide range of industries: Business & Professional Services; Construction & Real Estate; Education; Energy, Utilities & Natural Resources; Engineering & Automotive, Financial Services; Gaming; Government; Healthcare; IT & Technology; Manufacturing; Media & Telecoms; Retail; Transportation; Travel, Tourism & Hospitality. Respondents were based in 14 markets across Asia Pacific: Australia, China, Hong Kong SAR, India, Indonesia, Japan, Malaysia, New Zealand, the Philippines, Singapore, South Korea, Taiwan, Thailand, and Vietnam (n=201 to 405 per country), and were surveyed online and recruited via general business panels. The survey was aimed at building a better understanding of the threat landscape facing Chief Information Security Officers (CISOs) and their teams across the vast and varied territories of Asia Pacific, and the challenges they faced around paradigms like complexity, compliance and talent. The survey was conducted in June 2024.

About Cloudflare

Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organisations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare's connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organisation can gain the control they need to work, develop, and accelerate their business. Powered by one of the world's largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organisations - from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.

Learn more about Cloudflare's connectivity cloud at cloudflare.com/connectivity-cloud. Learn more about the latest Internet trends and insights at radar.cloudflare.com. Follow us: Blog | X | LinkedIn | Facebook | Instagram

Forward-Looking Statements

This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as "may," "will," "should," "expect," "explore," "plan," "anticipate," "could," "intend," "target," "project," "contemplate," "believe," "estimate," "predict," "potential," or "continue," or the negative of these words, or other similar terms or expressions that concern Cloudflare's expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding Cloudflare's plans and objectives, Cloudflare's global network, and Cloudflare's products and technology, Cloudflare's technological development, future operations, growth, initiatives, or strategies, future market risks and trends, and comments made by Cloudflare's Chief Security Officer, and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in Cloudflare's filings with the Securities and Exchange Commission (SEC), including Cloudflare's Quarterly Report on Form 10-Q filed on August 1, 2024, as well as other filings that Cloudflare may make from time to time with the SEC.

The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. Cloudflare undertakes no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. Cloudflare may not actually achieve the plans, intentions, or expectations disclosed in Cloudflare's forward-looking statements, and you should not place undue reliance on Cloudflare's forward-looking statements.

© 2024 Cloudflare, Inc. All rights reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the U.S. and other jurisdictions. All other marks and names referenced herein may be trademarks of their respective owners.