Around 2 in 5 Hong Kong businesses experienced cyber incident: report

This is the lowest in the Asia Pacific region.

About 43% of businesses in Hong Kong surveyed have said that they have experienced a cyber incident, the lowest recorded in the Asia Pacific region, according to a study by Kroll.

In the State of Incident Response: Asia Pacific report, Kroll said that the Hong Kong data is lower than the average of 59% across the region.

The major cause of cyber incidents in the market was malware (30%), which is also the most cited cyber incident experienced across the Asia Pacific at 23% of the total incidents reported, followed by DDoS  (19%), and phishing (14%).

Hong Kong businesses are most concerned about data loss at 68%, followed by business interruption at 54% and reputational damage at 57%. The report also found that cyber incidents in the market mainly resulted in data loss (40%), business interruption (30%), intellectual property theft, and monetary loss both at 23%.

READ MORE: Cybersecurity is the top agenda in 6 in 10 boardroom discussions

Neo Lam, Associate Managing Director, Cyber Consulting at Kroll said the reason behind Hong Kong ranking the lowest in terms of the number of incidents might be due to underreporting, or in some instances due to non-awareness of incidents due to the maturity of security programmes.

Lam also said that there is a lack of legislative requirements for organisations to probe and report a cyber incident and a consensual definition of what a cyber incident is may also be a reason.

“In addition to large enterprises, an increasing number of SMEs are becoming the target of cyberattacks this year, perhaps reflective of the fact that SMEs generally do not have in-house cyber security specialists,” Lam said. 

“For Hong Kong firms to boost their cyber resilience, they would need to understand the magnitude of cyber threats and engage expertise that can help organizations to use limited budgets efficiently, and develop effective cyber security plans and incident response playbooks which are tested and validated,” the associate managing director added.

Lester Lim, Senior Vice President, Cyber Risk, Kroll also said that cyber insurance will play a key role for business even if insurance costs for such have increased.