77% of Singapore firms have suffered from cyberattacks

And yet, 39% said they still don't have a security strategy.

About 77% of Singapore firms have indicated that they have detected one or more cyberattack incidents in the last twelve months, PwC’s Global State of Information Security Survey (GSISS) revealed.

Despite this, about 39% of Singapore companies said they are not prepared for cyberattacks, noting that they do not have an overall information security strategy. The figure is higher than Asia's 41%.

Meanwhile, 59% percent of the survey respondents in Singapore cited compromise of sensitive data as the biggest consequence of a cyberattack, followed by the disruption of operations, cited by 45%, and harm to product quality, cited by 40%.

Despite this knowledge, 36% said they do not have an employee security awareness training programme and 44% don’t have an incident-response process.

"When cyberattacks occur, most victimised companies say they cannot clearly identify the culprits," PwC said.

Only 25% in Singapore are very confident in their attribution capabilities, lower than the global figure of 39%.

"The soaring production of insecure internet-of-things (IoT) devices is creating widespread cybersecurity vulnerabilities. Rising threats to data integrity could undermine trusted systems and cause physical harm by damaging critical infrastructure," PwC said.