Executive Summary: ISG Provider Lens™ Cybersecurity - Solutions & Services - Singapore & Malaysia 2022
The individual quadrant reports are available at:
The C-level is increasingly part of cybersecurity decisions
The cybersecurity landscape continues to evolve rapidly in Asia. The growing importance of cybersecurity is changing the way Singapore and Malaysian enterprises procure cybersecurity services.
Singapore and Malaysian senior management are increasingly being included in the decision-making on cybersecurity products and strategies and are expressing interest in understanding all aspects of cyber risks. Increased awareness of cyberattacks and stricter regulations and legislation are further raising the maturity levels.
Asian companies are increasing their spending on cloud-based end-to-end security solutions as they seek OPEX pricing models and less complex purchase options. Both small and large cybersecurity providers are expanding their own service offerings and packaging them as a platform. Smaller Asian providers are acquiring other vendors of similar size to become end-to-end cybersecurity providers.
As increasingly mission-critical resources are stored in the cloud, the number of access points continues to rise exponentially. Enterprises are ramping up their strategies to leverage cloud, enable remote workers, and optimize their cost structure. This, in turn, is driving strong demand for cybersecurity services.
Demand for cloud-based detection and response solutions, and web access management in Singapore and Malaysia are anticipated to accelerate over the next few years as companies need to safely access an increasing volume of online information and applications.
Cybersecurity is becoming an increasing challenge for organizations in Singapore and Malaysia, as the number of sophisticated cyberattacks continues to grow in these countries. The COVID-19 pandemic has put further strain on security systems that were already under significant pressure.
The COVID-19 pandemic has accelerated the pace of digital transformation, as companies were forced to implement more remote working policies and digital customer experiences. This has increased consumer data privacy expectations and is placing organizations under increasing pressure to ensure that their data privacy systems can adequately scale for the increased demands.
A broad range of cybersecurity providers are expanding their consulting divisions, with customers increasingly preferring to purchase solutions from their existing providers, rather than engaging with a new consultancy firm. The interest for on-demand solutions is growing significantly among Singapore and Malaysian customers.
Digital transformation initiatives that leverage cloud technologies and enable remote working are driving demand for more cybersecurity solutions in Asia. Following is a brief summary of the trends in each quadrant covered in this report:
Asian enterprises purchasing IAM-related tools should make a balanced decision based on their individual requirements. Factors that need to be rigidly assessed include vendor support, partner networks, and the vendor’s product development roadmap. IAM technology is evolving rapidly with the emergence of novel IAM-as-a-service offerings and the growing need to include IAM functionality in DevOps and containers and secure IoT devices.
The CIO, CTO, or CISO are typically the decision-makers for purchasing DLP solutions. Many large enterprises in Singapore and Malaysia have now set up the chief compliance officer position. Enterprises procuring DLP solutions should seek local partner choices and evaluate their implementation capabilities, after-sales support, and licensing models. They should consider data masking if compliance is a significant concern.
Many enterprises based in Singapore or Malaysia are already using an endpoint protection solution. However, advanced endpoint threat detection, protection, and response (AETDPR) solutions are more advanced than DLP, include behavioral detection, provide automation and orchestration of multiple threat protection, and integrate detection and response capabilities into a single product. To cover the entire enterprise endpoint landscape, the solution should offer threat protection and detection capabilities across all operating systems. The most advanced solutions utilize risk-based approaches to policy architecture and enforcement to help support a zero-trust device posture.
Technical security services (TSS) are increasingly being used by Singapore or Malaysia-based enterprises. The risk of attacks that intentionally interfere with AI’s ability to make correct judgments is a source of growing concern in Singapore and Malaysia due to the fast-growing adoption of AI technologies across several industries. Leading vendors are developing new technologies to make AI models more robust against deception attacks and protect against attempts to use forged attack data to deceive AI models into making deliberate misjudgments.
The strategic security services (SSS) market in Singapore and Malaysia is being significantly impacted by the heightened awareness of security issues and greater hacking activities that accelerated during the COVID-19 pandemic. Many enterprises in Singapore and Malaysia in this segment are hiring specialists and announcing new service offerings. Consulting firms operating in Singapore and Malaysia have built additional expertise to help clients stay compliant in this highly regulated environment.
In Singapore and Malaysia, managed security services (MSS) providers are evolving from mainly providing SOC-based services to become more complex, AI-powered cyber defense organizations. Many service providers in this space have a strong specialization. Managed cybersecurity services have become a continuous and essential process for enterprises. Cyber defense centers (CDCs) are emerging to expand security operations rather than replace SOCs. These centers leverage advanced machine learning tools that can leverage large volumes of data to provide smart analytics and insights into how threats morph, move and spread. They share information dynamically with other CDCs, to stay up to date with new developments in the cybercrime market.
Access to the full report requires a subscription to ISG Research. Please contact us for subscription inquiries.