Global News

Challenges and Opportunities on Cybersecurity in 2019

Spikes Asia 2025 Spikes Asia 2025 is now open. Download your entry kit!
Sponsor Digicon

In this Internet-driven world, connections can be double-edged. While relationships are built, information is sent, businesses are propelled, attackers also sneak, stealing data and money with just a few clicks.

 

Sponsor

In the past years, thieves have found ways and means to enter websites uninvited, with their attacks. This year saw some of the worst of these breaches in Asia, including True Corp’s data gaffe in Thailand which exposed the identity documents of around 45,000 customers, Singapore’s largest data breach by far which affected 1.5 million patients to SingHealth’s specialist outpatient clinics, including Prime Minister Lee Hsien Loong and several ministers, and Wendy’s Philippines website hack which revealed 80,000 users’ personal data.

 

Palo Alto Networks, a multinational cybersecurity company, released its Cybersecurity Forecast 2019, with five predictions that may define web security in the next year:

 

Big or small, businesses face the threat of having their cyber assets compromised. Over the past five years, $US12 billion has been stolen worldwide due to theft of passwords and log-in details. Attackers have grown sophisticated and confident in luring they way in by pretending to be internal stakeholders or partners. Their crafty ways include mimicking corporate websites, targeting employees’ personal social media accounts and even launching exploits.

 

“Any business that collects data, data that may be used, whether it is a holiday website, or an application for your phone. All of these things are gathering data and data is becoming more precious in terms of insights that people can gain from it but also in terms of identity theft and things like that.”, O’Leary explains.

 

Although it is doubtful that businesses will be able to fight cybercriminals in 2019, there are measures on how to minimize their threats. Palo Alto Networks says, “Where possible, businesses will need to assess their internal flow of information as well as implement more comprehensive checks and approval processes, especially with regard to the movement of resources.” Stronger passwords and two or multi-factor authentication and biometrics are also recommended.

 

 

The interconnection digital provides builds bridges, enabling businesses to connect with suppliers and service providers from around the globe. Although the easy links and sharing of data prove to be beneficial, they also open doors for eager cyber predators. These risks are in the healthcare sector, where third-party connected medical devices – such as MRI and X-ray machines – plug in to internal networks daily.

 

As the global supply chain increases in complexity, businesses must make sure that confidential information is kept separate and secure, away from external devices and systems. Internal security standards around the procurement of third-party apps and devices must be in place. Firmware and applications must always be updated and login configurations must be altered from the default configuration.

 

 

Asia-Pacific countries are moving into formulating laws ensuring cyber protection, with a sense of urgency. Singapore has already formalized its framework. In the Philippines, the National Privacy Commission is now ensuring the compliance with Republic Act No. 10173 or the Data Privacy Act of 2012.

 

The Association of Southeast Asian Nations (ASEAN),with over 700 million active mobile connections and with a flourishing digital economy, is taking an initiative to establish an ASEAN Digital Data Governance Framework to promote transparency in data privacy and cross-border data sharing amongst member states.

 

Businesses in this region can use the European Union’s General Data Protection Regulation as a baseline to address current gaps in compliance and help improve prevention measures.

 

Cloud computing, the storing of data on multiple virtual servers that are generally hosted by third parties, has been vital to businesses wanting to deliver new products and services without expensive investments in compute resources. Cloud computing ensures the delivery of services—servers, storage, databases, networking, software, analytics, intelligence and more—over the Internet to offer faster innovation, flexible resources, and economies of scale.

 

Although beneficial, implementing a cloud computing strategy can present loopholes.The intertwined ecosystem has made security a complex undertaking, especially for organisations already dealing with the difficulty of finding cybersecurity talent.

 

To succeed, enterprises must have the processes, technology and people in place to keep systems secured in every stage. Legacy security systems, made up of various point products, have proven inadequate to prevent the rising number of cyberattacks. Too many security tools depend heavily on manual intervention, which can’t enact new protections quickly enough to have a meaningful impact on ongoing, targeted attacks.

 

 

Critical infrastructure (CI), which describes public infrastructure and resources, now encompasses other sectors, like banking and financial services, telecommunications and the media. As CI goes digital, interaction between corporate and industrial networks has made them susceptible to cyber attacks. This jeopardizes industry systems such as supervisory control and data acquisition (SCADA) and industrial control systems (ICS), which are crucial to the energy, water and public transport sectors.

 

As countries in Asia Pacific are now adopting industry 4.0 technologies (e.g., machine learning for autonomous vehicles), they will rely more on telemetry and connectivity, putting the lives of the public in the hands of systems that rely on accurate and accessible data. As a start, CI owners, both public and private, will have to put in place Zero Trust systems and ensure the segregation of access.

 

Palo Alto Networks says, perspectives about compliance need to change as well. “CI owners must move away from a compliance-driven approach to security, towards a stance that live and breathes security. Regulators and owners can co-create a regulatory framework that works for both, while cultivating a security-first approach to designing and maintaining all CIs.”

 

Palo Alto Networks serves more than 56,500 customers in over 150 countries, with a revenue of USD 2.3B in FY18.

Learn more about cybersecurity from Palo Alto Networks’ Kevin O’ Leary here:

 

 

Partner with adobo Magazine

Related Articles

Back to top button