亚太及日本地区中端市场组织的网络安全韧性基准研究

oAustraliaoChinaoIndiaoIndonesiaoHong KongoJapanThe Palo Alto Networks PerspectiveoKoreaoMalaysiaoPhilippinesoSingaporeoTaiwanoVietnamAbout UsoAbout Palo Alto NetworksoAbout TRAGeographical Profiles 2 l © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.2 l © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.2 l © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.ForewordThe Cybersecurity LandscapeThe Palo Alto Networks CybersecurityBenchmark Study for Asia Pacific and JapanoTop Cybersecurity PrioritiesoTop Cybersecurity Investment StrategiesThe Cybersecurity BenchmarkoCybersecurity Benchmark Metrics○Execution of Cybersecurity Strategy○Cybersecurity in the Business○Performance of Operational Capabilities○Maturity of Cybersecurity Usage○Alignment with the NIST 2.0 FrameworkPartner InsightsoPartners: The Route to SuccessoPartner Selection Criteria 3 l © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.ForewordAttacks are more sophisticated andoften AI-driven, evading traditionalsecurity solutionsA lack of skilled cybersecuritypractitioners weakens cyber defensesWith hybrid work, more connecteddevices and the popularity ofcloud-based applications, the attacksurface has grownMultiple cybersecurity implementationscan be a challenge to manageThe typical mid-market organization isnavigating an increasingly complex andhostile threat landscape today: These challenges can only be addressedwith more support to demystifycybersecurity and strengthen cyberresilience.Mid-market organizations are already primetargets for cybercriminals with theirrelatively tight tech budgets and small ITteams, coupled with access to largerenterprises and a significant amount ofintellectual property. There is no better timeto transform the narrative.The inaugural Palo Alto NetworksCybersecurity Benchmark for mid-marketorganizations in Asia-Pacific and Japan(JAPAC), together with recommendationsfor next steps, will be a key catalyst forpositive change. 4 l © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.The Palo Alto Networks CybersecurityBenchmark Study for Asia Pacific and JapanMuch of what is known about cybersecurityaddresses large enterprises, and theinsights typically originate from beyond theJAPAC region, or cover a handful ofmarkets in JAPAC at best.This is why Palo Alto Networks collaboratedwith Tech Research Asia (TRA) to find outhow mid-market organizations in JAPACare approaching cybersecurity. Anadditional goal was to enable peerbenchmarking for JAPAC mid-marketorganizations.The data referenced in this report wasdrawn from an online panel in November2024. Respondents held senior IT orcybersecurity roles in 2,817 organizationswith 200–700 employees. Insights weregathered across 12 JAPAC countries andterritories, averaging 234 responses percountry.These findings form the foundation of thePalo Alto Networks CybersecurityBenchmark, providing in-depth profilesacross the region. Designed to driveimprovement, the benchmark alsoexamines how organizations lead, prioritize,and fund their cybersecurity strategies. 6 l © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.Top Cybersecurity PrioritiesAsia-Pacific mid-marketorganizations have rankedcybersecurity as a top-threebusiness priority, focusing onprotecting customersandintellectual propertywhilesupportingdigital transformation.Mid-market organizations plan tofocus on specific technologies andservices to improve their resiliencein the next 12—24 months.THE CYBERSECURITY LANDSCAPE Top prioritiesbusinesses wantcybersecurity tosupportTop 3 investmentpriorities to supportthe strategies, overthe next 24 monthsTop 3 investmentstrategies over thenext 12 months Supporting digitaltransformationprogramsIdentity and accessmanagement (IAM)Optimizing internalcybersecurity ecosystemsthrough improvingeducation, automation andprocesses ProtectingcustomersCloud security posturemanagement (CSPM)Strengthening policiesand governance, riskand compliance(GRC) Protectingintellectual propertySecurity informationand eventmanagement (SIEM)Recruiting/upskillingtheir owncybersecurityprofessionals 7 l © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.Over the past five years, theproportion of IT budgets allocated tocybersecurity has more thandoubled—from 6% to 13.6% today.Approximately91%of mid-marketorganizations intend to eithermaintain or increase theircybersecurity spendingwithin thenext 12 months.In terms of procurement preferences,70%of organizations nowfavorflexible payment modelssuch assubscription-based,consumption-based, oroutcome-based arrangements, ratherthan traditional upfront payments.Top Cybersecurity Investment Strategies201920256.0%13.6%Percentage of IT budgetdedicated to cybersecurityMid-ma