Demand for Managed Service Partners Strong as AI-augmented Cyberattacks Highlighted as Top Concern for Organisations across APJ

Demand for managed service partners strong when it comes to cybersecurity

Sophos has released its Cybersecurity Playbook for Partners in Asia Pacific and Japan (APJ) in collaboration with Tech Research Asia.

Sophos recently released its Cybersecurity Playbook for Partners in Asia Pacific and Japan in collaboration with Tech Research Asia. The report analysed the priorities for businesses over the next 12 months, and the opportunities for partners to support these ambitions. “The ongoing prevalence of cyber threats has forced organisations to address a variety of their

The report analysed the priorities for businesses over the next 12 months, and the opportunities for channel partners to support these ambitions. The research found that demand for managed service provider (MSP) support is strong, with 50% of organisations in the Asia Pacific region saying they will increase spend with MSPs.

“The ongoing prevalence of cyber threats has forced organisations to address a variety of their cybersecurity measures,” said Cameron Reid, director, Channel Sales MSP, Sophos Asia Pacific and Japan. “The report found that the top three areas of importance for businesses are strengthening cybersecurity posture around financial operations, improving risk management capabilities, and ensuring cybersecurity is robust enough to support digital transformation programs. Evidently, when businesses invest in new technologies, it is front of mind that this is done in a secure manner to ensure potential attack surfaces are protected.”

In the next 12 months, 80% of Singapore organisations expect to have their cybersecurity budget increase and intend to invest more into third-party managed security services to consolidate and manage tech stacks, enhance security capabilities, and alleviate in-house pressures.

Source: Sophos' Cybersecurity Playbook for Partners in Asia Pacific and Japan. Chart showing responses for the question "Will your cybersecurity budget increase or decrease in the next 12 months?"

Between 80% and 90% of businesses in the countries surveyed said they would increase their cybersecurity budgets in the next 12 months, other than in India, where more than 90% of businesses plan on increasing budgets, and Japan, where between 70% and 80% of businesses said the same.

“The ongoing prevalence of cyberthreats has forced organisations to address a variety of their cybersecurity measures,” said Cameron Reid, director, Channel Sales MSP, Sophos Asia Pacific and Japan.

“The report found that the top three areas of importance for businesses are strengthening cybersecurity posture around financial operations, improving risk management capabilities, and ensuring cybersecurity is robust enough to support digital transformation programmes. Evidently, when businesses invest in new technologies, it is front of mind that this is done in a secure manner to ensure potential attack surfaces are protected.”

As organisations continue their digital transformation journey by implementing technologies such as artificial intelligence (AI), they are concerned about how cybercriminals are doing the same. The report found AI-augmented cyberattacks are considered the most worrying cyberthreats for organisations in Singapore, followed by phishing/social engineering and ransomware.

Fewer than one-in-three (28%) of Singapore organisations surveyed believe they have the skills to deal with AI threats, and just 24% believe they have a comprehensive AI and automation strategy in place. To combat these AI skills shortages, 45% of organisations in APJ are looking to outsource to partners to support them and 49% intend to train and develop in-house skills with the assistance of partner-supported training and education.

The top product and solution areas attracting increased budgets are:

• Infrastructure and network security (62% are increasing budgets)

• Threat detection and response (61%)

• Application and security (56%)

• Identity access management (53%)

• Incident response and recovery (50%)

In terms of vendor environments, only 24% of surveyed organisations in Singapore use just one vendor for their cybersecurity needs, with close to one-in-three (33%) using three or more. Multivendor environments will increase in the next 12 months as organisations move towards flexible and tailored commercial constructs from partners, Sophos said.

Additionally, organisations are looking for partners with strong security skills. More than half (62%) of Singapore organisations surveyed said they are unlikely to engage a partner that had been breached or suffered a security incident themselves. Of the companies that will still engage a breached partner, 83% will include extra performance clauses and specific service level agreements.

“Since adversarial behaviours are always evolving, it is essential that organisations get the support they need to address all aspects of cybersecurity and continue to consistently evaluate and maintain strong defences against the latest cyberattacks,” added Reid.

“The research shows companies understand they need help building ongoing cyber resiliency and are looking to partners fill their in-house gaps. This means MSPs have an opportunity to win and maintain business by presenting their strong technical cybersecurity skills, knowledge of the threat landscape, and an ability to help customers and prospects stay secure so they can focus on their business operations and goals."

*Data referenced in the Cybersecurity Playbook for Partners in Asia Pacific and Japan report is drawn from TRA’s research for Sophos conducted in July 2024 from a sample of 900 companies across Australia, India, Japan, Malaysia, Philippines & Singapore.