Philippines has lowest ‘zero trust’ adoption in Asia Pacific, says study

From among Asia Pacific countries, the Philippines registered the lowest adoption of security approach measures for employees against cyber threats regardless of location and network, a recent study conducted by cybersecurity firm Okta revealed.

According to The State of Zero Trust Security in Asia Pacific 2021 report, only 5% of Philippine organizations have existing security strategies dubbed as Zero Trust.

Zero Trust is said to ensure that various users have access to security initiatives regardless of their location, device, or network. It ensures that the proper people have the proper level of access and the proper resources.

This compares with regional peers such as Japan with 32%, Hong Kong with 17%, Malaysia with 13%, Australia with 11%, South Korea with 10%, and Indonesia with 10%.

The same study found, however, that 95% of local firms intend to beef up their Zero Trust initiatives in the upcoming 12 to 18 months.

Okta APAC Regional Chief Security Officer Ben King said that while the adoption should ideally be faster, any moves toward establishing security initiatives should be considered progress.

“I think in a perfect world, it wouldn’t be fast enough. In a perfect world, we would have these things solved already,” he said in an interview with GMA News Online.

“Every week in the media we are seeing new attacks as I mentioned whether they’re ransomware, whether they’re a supply chain attack with someone compromising a large supply, and the going and compromising their customers in some cases doing supply chain ransomware,” he added.

The Okta study also found that 85% of Philippine firms indicated that Zero Trust initiatives have increased in priority, but it is not the top focus, while 5% say it is top priority.

“There might have been bigger priorities socially or organizationally or nationally to focus on rather than Zero Trust,” King said.

A significant proportion of local micro, small, and medium enterprises (MSMEs) were forced to shut down due to the restrictions brought about by the COVID-19 pandemic, and only a small chunk have since reopened.

“I think it’s just either a different prioritization in the last few years of where security spend has been, or when I talk about organizations getting an increase in budget this year or already post-pandemic in the last 18 months, that might not have been evidenced in the Philippines in the last year or two,” he explained.

Moving forward, Okta expects 40% of organizations across the region to have implemented context-based access policies, with 29% implementing secure access to applications categorized under Stage 2 or contextual access.

“If I look at the Philippines in particular, where less have already started but more are planning to start, typically what we’re seeing is lots of budget being made available by leadership or by boards,” King said.

“Getting the right people, the right resources technically to execute the program is the difficulty and that’s why it probably can’t be done straight away,” he added.—LDF, GMA News