Sophos research indicates that 83% of organizations’ cybersecurity budgets will increase in the next 12 months, with 50% increasing spending with MSPs. The Cybersecurity Playbook for Partners in Asia Pacific and Japan, released in collaboration with Tech Research Asia, analyzed business priorities and opportunities for partners. As organizations implement AI technologies, they are concerned about cybercriminals’ tactics. AI-augmented cyberattacks are the most worrying threat in all markets except Australia, ranking third behind credential theft and phishing/social engineering.

“The ongoing prevalence of cyber threats has forced organizations to address a variety of their cybersecurity measures,” said Cameron Reid, director of Channel Sales MSP, Sophos Asia Pacific and Japan. “The report found that the top three areas of importance for businesses are strengthening cybersecurity posture around financial operations, improving risk management capabilities, and ensuring cybersecurity is robust enough to support digital transformation programs. When businesses invest in new technologies, it is front of mind that this is done securely to ensure potential attack surfaces are protected.” 

Worryingly, less than one in two (45%) of APJ organizations surveyed believe they have the skills to deal with AI threats, and just over one in five (22%) believe they have a comprehensive AI and automation strategy. To combat these AI skills shortages, 45% of organizations want to outsource to partners to support them, and 49% intend to train and develop in-house skills with partner-supported training and education. 

In the next 12 months, 83% of APJ organizations expect to have their cybersecurity budget increase, and 50% intend to invest more into third-party managed security services to consolidate and manage tech stacks, enhance security capabilities, and alleviate in-house pressures. 

The top product and solution areas attracting increased budgets are: 

  • Infrastructure and network security (62% are increasing budgets) 
  • Threat detection and response (61%) 
  • Application and security (56%) 
  • Identity access management (53%) 
  • Incident response and recovery (50%) 

Regarding vendor environments, only 20% of surveyed organizations use just one vendor for their cybersecurity needs, with one in three (33%) using three or more. Multi-vendor environments will increase in the next 12 months as organizations move towards flexible and tailored commercial constructs from partners.

Additionally, organizations are looking for partners with solid security. 

Skills. Almost 60% of organizations surveyed said they are unlikely to engage a partner that had been breached or suffered a security incident themselves. Of the companies still engaging a breached partner, 81% will include extra performance clauses and specific service level agreements. 

“Since adversarial behaviors are always evolving, it is essential that organizations get the support they need to address all aspects of cybersecurity and continue to consistently evaluate and maintain strong defenses against the latest cyberattacks,” added Reid. “The research shows companies understand they need help building ongoing cyber resiliency and are looking to partners to fill their in-house gaps. This means MSPs have an opportunity to win and maintain business by presenting their strong technical cybersecurity skills, knowledge of the threat landscape, and ability to help customers and prospects stay secure so they can focus on their business operations and goals. 

To learn more about how partners can help organizations remain protected from cyber threats, visit Sophos MSPs program: https://www.sophos.com/en-us/partners/managed-service-providers.