As organizations in Southeast Asia embrace a digital-first mindset, cybersecurity remains a high-priority investment for the majority of businesses in the region. Findings from the recent IDC Asia/Pacific Security Sourcing Survey 2022 indicate cybersecurity as a critical investment area for organizations in Southeast Asia, which they look to procure from third-party providers.
"Adoption of digital tools and modernization of business applications and distributed infrastructure have been the hallmarks of the digital-first era, which also significantly increases the attack surfaces for cyber threats. Thus, Southeast Asian businesses will be turning to trusted security partners for advice, implementation, and management of security operations to improve their security posture," said James Sivalingam, senior program manager at IDC Asia/Pacific.
According to the same survey, network security emerged as the top security focus among Southeast Asian businesses. As organizations adopt more distributed and diverse IT setups, network security becomes a critical imperative. This is followed by cloud security operations, which indicates that enterprises in Southeast Asia have progressed along their cloud transformation journey and are now focusing on securing their data and workload on the cloud.
In 2021, Southeast Asia organizations spent US$3.2 billion on cybersecurity, covering services, software and appliances. This figure is expected to increase at a five-year CAGR of 13.6 % to reach US$6.1 billion by 2026.
Meanwhile, in a separate survey, 67% of organizations in Southeast Asia stated they are making at least some changes to their IT strategies due to digital sovereignty concerns. IDC defines digital sovereignty as the capacity for digital self-determination by states, companies, or individuals.
In the wake of business and operations disruptions caused by the COVID-19 pandemic and other geopolitical conflicts around the world, organizations are becoming increasingly concerned about digital sovereignty and are taking steps to ensure greater business resilience.
"By taking greater control over the underlying technologies that power their operations and digital assets, such as data, infrastructure and software, organizations in Southeast Asia are seeking to safeguard business continuity," added Sivalingam.
Regulations around data ownership and control have emerged as one of the key factors that will influence organizations' technology investments and partnerships due to digital sovereignty concerns. Additionally, due to the same concerns, businesses in the region have indicated a preference for local or national vendors, potentially providing new opportunities for local vendors. As a result, these vendors may need to expand and scale their capabilities considerably to address the increased market demand.