A Kaspersky report shows the significant cyberthreats faced by Malaysia, with the cybersecurity firm claiming that it blocked over 22 million local threats last year.

Kaspersky’s security network infrastructure data indicates that offline media such as USB drives are a common attack vector, with worms and file viruses making up the majority of these local threats.

Commenting on the decrease in attacks – from over 35 million in 2021 to over 22 million in 2022 and last year – Yeo Siang Tiong, Kaspersky’s general manager for South-East Asia, highlights a shift in strategy by cybercriminals.

“It’s also important to remember that, in recent years, cybercriminals have already seen the value of targeted attacks over mass attempts.

“We should not be complacent just because we see this slight drop in local threats. Vigilance remains necessary,” he said in the press release.

Furthermore, the 2024 Cisco Cybersecurity Readiness Index rated only 2% of Malaysian companies at a “Mature” level of readiness, the highest attainable rating, to counter cybersecurity risks.

The majority of Malaysian enterprises fall into the two lowest-scoring categories – Beginner or Formative (66%) – which are below Progressive.

The index, which includes data from 8,136 private-sector companies across 30 markets, including Malaysia, reveals a pressing situation: 73% of surveyed companies experienced a cybersecurity incident in the past year, with 44% of those incidents costing them at least US$300,000 (RM1.4mil).

In Malaysia, the gap between supply and demand for cybersecurity talent is significant, with 91% of firms deeming it problematic and 44% reporting more than 10 vacant cyber- security roles.

Cisco’s index also discovered that 77% of companies believe a cybersecurity incident could disrupt their business operations in the next two years.

Despite the lack of readiness, 85% of companies remain confident in their ability to confront cyberthreats – a sentiment Cisco’s executive vice president and general manager of security and collaboration, Jeetu Patel, characterises as overconfidence.

“We cannot underestimate the threat posed by our own overconfidence.

“Today’s organisations need to prioritise investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favour of defenders,” he said.