Businesses in Singapore must invest in their people for digital transformation success

• Telstra study finds business leaders lean too heavily on technology in digital transformation decisions
• Singapore companies cite gap between digital transformation priorities and performance
• Digital transformation driven financial rewards difficult to show
• Businesses need whole-of-business approach for digital transformation success

March 2019: The success of digital transformation initiatives undertaken by organisations in Singapore fall short of expectations due to their heavy emphasis on technology and lack of focus on people and processes.

This was one of the main findings of Telstra’s Disruptive Decision-Making research, which surveyed 3,810 senior decision-makers from 12 industries in 14 markets around the world to uncover insights into strengths and weaknesses around their digital transformation programs.

Focus on technology undermining success
When rating decision-making across four factors for success – people, processes, technology understanding and partnerships – businesses in Singapore ranked ‘technology understanding’ as the area where they feel by far most confident.

Seventy six per cent of Singapore respondents felt their organisation makes technology decisions ‘well’ or ‘extremely well’. While the understanding of technology and its performance is important, other factors are equally significant.

Telstra Managing Director APAC, Ms Marjet Andriesse

Telstra’s Managing Director, APAC, Marjet Andriesse, said that organisations that are highly digitally mature (20% in Singapore, compared to 21% globally) show greater focus on people and processes.

“The research shows that successful digital transformation relies on more than the right technology, it requires the right culture, the right people – and the right processes to support them,” Ms Andriesse said.

“Digital transformation must be a company journey that involves upskilling and changing employee mindsets, adapting structures and ways of working, and creating teams that can take advantage of new technologies.”

Whole-company approach needed
The research found that a company-wide approach to digital transformation is significantly more likely to result in success, yet 66% of Singapore organisations are allowing business departments drive individual digital initiatives, compared to 51% globally.

A further 8% said they outsource as much as possible (vs 15% globally), and only 25% say they have an integrated, whole-of-company digital transformation strategy (vs 31% globally).

“Globally, organisations that have a whole-of-business digital transformation strategy are significantly more likely to be highly digitally mature, make extremely good digital decisions, and see the impact of digital transformation across the business,” Ms Andriesse said.

“The research demonstrates that Singapore organisations have an opportunity to integrate digital transformation activity across all areas of the business, but this needs to be led by a clear company strategy from the C-suite and board level down.”

Businesses in Singapore not delivering on digital priorities
The report also found there was a substantial gap between digital transformation priorities and performance.

Organisations in Singapore rated their top digital transformation priorities as (1) optimising technology to move faster, (2) protecting digital assets from cyber threats, and (=3) optimising security investments to reduce time and resource management, and (=3) protecting, detecting and responding in real time to events.
However, when it came to decision-making performance, these priorities ranked poorly.

“One of the red flags we saw in this research was the gap between the areas businesses in Singapore chose as their highest priorities, and their performance in these areas,” Ms Andriesse said.

“Cyber security was identified as a particular focus area in Singapore. But despite protecting digital assets from cyber threats rating as the second highest priority – it achieved the lowest performance score in terms of ability to deliver.”

Ms Andriesse said there were a few factors to consider when analysing this finding.

“It is notable that three of Singapore’s top four priorities are related to security, even though performance in these areas is poor. This performance gap is symptomatic of the fact that security requires a whole-of-business approach incorporating people, processes, and technology working in concert together,” Ms Andriesse said.

Hard financial outcomes difficult to show
The research found that while organisations in Singapore are increasing their investment in digital transformation, many businesses had yet to realise the financial impact of their efforts.

More than a third of businesses in Singapore invested more than US$1 million in digital transformation products and services over the past year (34%), while almost one in 10 spent more than US$5 million (8%).

This figure is set to increase as 30% of respondents said their company’s total spend on digital transformation would grow by more than 10% in the next three years.

However, when it came to measuring the impact of digital transformation, showing hard outcomes such as financial returns of this investment was difficult.

“Measuring the progress and success of any digital transformation strategy or individual project is an absolute essential. But the metrics in which we measure success are just as important,” Ms Andriesse said.

“Organisations in Singapore found it particularly hard to demonstrate financial results from digital transformation. In fact, of all the business outcomes surveyed, increasing profit margins saw the lowest levels of achievement in Singapore.

“Successful companies are clear on what digital transformation means for their organisation, they have empowered their people, strengthened their processes and identified their key partners.”

Source: Telstra Singapore

Malwarebytes Research: 1 Out of 3 SMEs in Singapore Victims of Ransomware

Ransomware Attack Downtime, Not Ransom Demand, is the Business Killer

Singapore, – 1 August, 2017 – Malwarebytes, the leading advanced malware prevention and remediation solution, released its “Second Annual State of Ransomware Report” today. The multi-country study surveyed 1,054 small and medium enterprises (SMEs) across Singapore, France, U.K., Germany, Australia, and North America. The report, conducted by Osterman Research, explores ransomware attack frequency, impacts of attacks in SMB environments, costs of attacks, attitudes towards ransom payments, preparedness and more.


Ransomware is a relatively common problem for SMEs in Singapore, with the research revealing that more than one-third, 35%, of Singapore-based SMEs having experienced a ransomware attack in the last year. Close to a fifth (21%) of those who had been hit by ransomware had to cease all business operations immediately, and 11% lost revenue as a direct result of the attack.


The impact of ransomware is often measured in terms of cash lost through ransomware payments. However, the report finds that downtime caused by ransomware can have a more significant impact on one’s business. The majority of cybercriminals (53%) who strike SMEs in Singapore with ransomware ask for payments of less than USD 1,000. With only 7% asking for sums more than USD 10,000.


It seems that most of the pain incurred from being a ransomware victim can be tied to either the loss of files, with 33% of SMEs who refused to pay the ransom losing access to files as a result, or the downtime that it causes. More than 61% of companies in Singapore hit by ransomware, experienced downtime of more than 9 hours from a single incident of ransomware; the equivalent to a full working day.


It is clear that SMEs in Singapore view ransomware as a major problem, with ransomware ranking as the top security problem for SMEs along with malware infiltration thorugh email; 72% of respondents indicated they are critical problems. This was followed by email phishing (70%) and malware infiltration via web browsing (64%). The bottom three concerns were: insider theft of data (55%), phishing through social media (39%) and the physical theft of laptops and mobile devices (23%).


Despite being a top concern for SMEs in Singapore, only one out of 10 (9%) were confident that they would be able to stop ransomware attacks. Even SMEs who have been hit by ransomware previously are finding it difficult to pinpoint how they were infected, with a third of respondents (30%) indicating they did not know how they were infected. Not knowing how a ransomware infection started, can make removal of malware more difficult, and also makes it hard to determine what the company’s cybersecurity gaps are.


“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Jeff Hurmuses, Managing Director and Area Vice President, APAC, Malwarebytes. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise. Osterman’s findings demonstrate that SMBs are suffering in the wake of attacks, to the point where they must cease business operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”


“Second Annual State of Ransomware Report” top findings for Singapore include:


  • The impact of ransomware on SMBs can be devastating. For roughly one in six impacted organizations, a ransomware infection caused 25 or more hours of downtime, with some organizations reporting that it caused systems to be down for more than 100 hours. Further, among SMBs that experienced a ransomware attack, 21% reported that they had to cease business operations immediately, and 11% lost revenue.
  • Most organizations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. Of the Singapore SMEs surveyed, 73% place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly one-half of the organizations surveyed expressed little to only moderate confidence in their ability to stop a ransomware attack.
  • For many, the source of ransomware is unknown and infections spread quickly. For 30% of organizations in Singapore that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected. Notably, more than 20% of ransomware infections spread to other devices.
  • Most SMBs do not believe in paying ransomware demands. 62% of Singapore based respondents believe that ransomware demands should never be paid. Most of the remaining organizations believe that demands should only be paid if the encrypted data is of value to the organization. Among organizations that chose not to pay cybercriminals’ ransom demands, about one-third (33%) lost files as a result.
  • Current investments in technology might not be enough. About one-quarter of SMEs in Singapore claim to have been running anti-ransomware technologies. However, 35% of businesses in the country have experienced a ransomware attack.


“It’s clear from these findings that there is widespread awareness of the threat of ransomware among businesses, but many are not yet confident in their ability to deal with it,” said Hurmuses. “Companies of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”  


To view the full global “Second Annual State of Ransomware” report for more detailed findings and analysis, visit link