"Recent data from PwC shows that 84% of organisations in Asia Pacific increased their cybersecurity budgets in the past year. On the surface, that suggests strong executive support. In practice, however, growing spend has brought sharper scrutiny from boards and chief financial officers (CFOs), not reassurance. The underlying tension is simple: more investment has not automatically translated into clearer outcomes, reduced incidents, or confidence at the board table."
"At the same time, 45% of APAC CIOs admitted they had overinvested in tools they did not fully need or utilise. This is not an indictment of security teams or strategy. It reflects the reality of an environment where threats are evolving quickly, tools are proliferating, and success is hard to define in simple terms. From a CISO perspective, the challenge is less about budget size and more about efficiency: how much risk exposure is actually being reduced for each dollar spent."
APAC organisations increased cybersecurity budgets significantly, with 84% raising spend, but boards and CFOs increasingly scrutinise ROI. Many organisations still experienced incidents—91% reported at least one in the last year and 53% had multiple—despite higher spending. Almost half of CIOs reported overinvesting in underutilised tools. Cybersecurity outcomes are probabilistic, making avoided breaches and faster detection hard to quantify financially. Common security metrics do not map easily to financial returns. Security leaders must shift focus from budget totals to efficiency and measurable reduction in risk exposure per dollar, aligning metrics with board-level financial expectations.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]