Press FAQ

Publication date: 26 Oct 2022

Cybersecurity Remains a High Priority in Southeast Asia as Organizations Embrace Digital-First Era and the Rise of Digital Sovereignty Concerns in the Region, Says IDC


For more information, contact:

KUALA LUMPUR, October 27, 2022 – As organizations in Southeast Asia embrace a digital-first mindset, cybersecurity remains a high priority investment area for majority of the businesses in the region. Findings from a recent IDC Asia/Pacific Security Sourcing Survey 2022 indicate cybersecurity as a critical investment area for organizations in Southeast Asia which they look to procure from third-party providers.

"Adoption of digital tools and modernization of business applications and distributed infrastructure have been the hallmarks of the digital-first era, which also significantly increases the attack surfaces for cyber threats. Thus, Southeast Asian businesses will be turning to trusted security partners for advice, implementation, and management of security operations to improve their security posture," says James Sivalingam, Senior Program Manager at IDC Asia/Pacific.

According to the same survey, network security emerged as the top security s focus among Southeast Asian businesses. As organizations adopt more distributed and diverse IT setup, network security becomes a critical imperative. This is followed by cloud security operations, which indicates that enterprises in Southeast Asia have progressed along their cloud transformation journey and are now focusing on securing their data and workload on the cloud.

In 2021, Southeast Asia organization spent on cybersecurity (services, software, and appliance) reached US$3.2 billion. This figure is expected to increase at a five-year CAGR 13.6 % to reach US$6.1 billion by 2026.

Meanwhile, according to Future Enterprise Resiliency and Spending Survey 2022, Wave 4 (May 2022), 67% of organizations in Southeast Asia have stated they are making at least some changes to their IT strategies due to digital sovereignty concerns. IDC defines digital sovereignty as the capacity for digital self-determination by states, companies, or individuals.

In the wake of business and operations disruptions caused by the COVID-19 pandemic and other geopolitical conflicts around the world, organizations are becoming increasingly concerned about digital sovereignty and are taking steps to ensure greater business resilience.

"By taking greater control over the underlying technologies that power their operations and digital assets, such as data, infrastructure, and software, organizations in Southeast Asia are seeking to safeguard business continuity," adds Sivalingam.

Regulations around data ownership and control emerged as one of the key factors that will influence organizations' technology investments and partnerships due to digital sovereignty concerns. Additionally, due to the same concerns, businesses in the region have indicated preference for local or national vendors, potentially providing new opportunities for local vendors. As a result, these vendors may need to expand and scale their capabilities considerably to address the increased market need.


About IDC

International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications, and consumer technology markets. With more than 1,300 analysts worldwide, IDC offers global, regional, and local expertise on technology and industry opportunities and trends in over 110 countries. IDC's analysis and insight helps IT professionals, business executives, and the investment community to make fact-based technology decisions and to achieve their key business objectives. Founded in 1964, IDC is a wholly-owned subsidiary of International Data Group (IDG), the world's leading tech media, data and marketing services company. To learn more about IDC, please visit Follow IDC on Twitter at @IDC  and LinkedIn. Subscribe to the IDC Blog  for industry news and insights.