Ever since the internet got smarter in the recent decade, there has not been a peaceful year without news of data leaks.
With the rise of cyber threats, many organisations have turned to the ancient way of working, which is to go offline, to prevent themselves from becoming the next victim of cyber crime. But is this the solution that will stop hackers from penetrating organisations’ firewall? If not, what should the organisations do to make sure that their cybersecurity infrastructures are sufficient to deter hacks?
We asked Mr Yeo Siang Tiong, General Manager of Southeast Asia, Kaspersky Lab for his expert opinions on the growing cyber threats.
Is there a system that can totally prevent hacks or data breach?
We always try to cover all the bases and be one step ahead of the cybercriminals, but there is really no fool-proof
Today’s sophisticated attackers are always finding ways to exploit institution’s cybersecurity loopholes. Improvement does not come from making breaches impossible but accepting the possibility of a breach and deploying holistic measurements to, at least, try to avoid or lessen its impact.
How difficult is it to track who’s responsible for data breaches?
Attribution of threats is perhaps the trickiest part in cybersecurity. Since 2016, sophisticated attackers have been mastering the art of deception through false flags, which include fake time stamps, languages, and malware strings. Cybercriminals take time to make it harder for us and the law enforcement team to catch them. This is why we need a strong private and public cooperation to identify and stop them.
We’ve heard that many big organisations are taking their daily operations offline and are retaining only a handful of PCs that have internet access to reduce the possibility of being hacked. How effective is this solution and what does it mean for Singapore when it’s pushing to become a smart nation?
To be a truly smart and secure nation, Singapore needs to strike a balance between connecting, facilitating data exchange to deliver smart – (contextual, timely) solution and reducing the attack surface for criminals. After all, no one can stick their head in the sand for too long before the world pass them by.
It may seem that going offline completely will keep any secret safe: if there is no Internet, then there is no data leakage. However, that is not the case. There are a lot of “offline” techniques cybercriminals can use to infect or spy on systems, like electromagnetic spying, infection through heat waves, and of course, there is the vulnerable USBs and discs.
What would you recommend companies do in face of data breach threats?
It is better for organisations to ensure they have a combination of the following:
- A professional IT team
- A team who is dedicated to overseeing the company’s IT networks and cybersecurity-related assets and who are well-versed with the latest trends and threats.
- Implementing holistic security solutions
- It is almost crucial to note that companies should not just implement security solutions on the perimeter but also internally—across the network.
- Ensure everyone follows the best security practices
- Educate your staff on the dos and don’ts of proper company protocols to ensure their actions will not make the company vulnerable.
For companies that are looking to implement a more robust cyber security system to deter hacks, what considerations that they should take note of?
We often recommend to companies these four key considerations:
- Does the security platform offer comprehensive coverage? A company’s in-house computers are not the only places where hackers can access financial and other private data. If a company is only protecting the CEO’s computer and those of in-house managers, then it is not well-protected. Threat intelligence solutions ensure that all endpoint devices, such as smartphones and laptops, for all employees are evaluated for security. Many large cyber attacks have also been initiated through access provided by third-party vendors to people outside the companies. A company needs to know that third-party vendors’ systems are protected as well as someone within the company’s.
- Can it keep up with times? New threats can develop in the blink of an eye. Hackers who are phishing for data often seem to be a few steps ahead. Threat intelligence solutions must be dynamic to keep up with the industry effectively. Companies must choose a security partner that regularly updates and evaluates the ways your company is addressing potential threats. For example, it should review critical players and their specific responsibilities, understand different ways an attacker can penetrate systems, and take immediate action in informing cybersecurity teams when attacks occur.
- Does it address your industry’s specific needs? If your company is a small, local retail business, it will be hard to benefit from a security platform designed for a global financial agency. There are different types of threats that target specific industries, and the best threat intelligence solutions should take your company’s particular needs into account. When evaluating options to address potential cyber threats, use a system that responds to the changing industry landscape you see every day.
- Is it easy to implement? Your security platform must be automated to address any problems that might arise quickly. This demands a high level of communication throughout your extended network and any connected devices. By creating a system of up-to-date security technologies, you help your business avoid becoming a statistic in the ever-growing reality of cybercrime.