Local organisations, even resource-poor startups, must do better in cybersecurity war

Even resource-poor startups must make cybersecurity a business priority, experts say


LOCAL organisations have a collective responsibility - and can do better - to tackle cybersecurity challenges. Even startups, which may lack the resources to afford cybersecurity tools, must make the detection of cyber threats a business priority, experts said - in light of the multiple cyberattacks on Singapore universities and malls in just the past week.

A new study on cybersecurity readiness in the Asia-Pacific (Apac) found that while 81 per cent of organisations in Singapore are confident of their cyber resilience, only 53 per cent proactively check if they are truly secured. This study, conducted by Frost & Sullivan late last year, was commissioned by security intelligence company LogRhythm.

Bill Taylor-Mountford, vice president (Apac and Japan) at LogRhythm, told The Business Times: "We need a mindset shift. If organisations continue to focus solely on prevention, they will find themselves fighting a losing battle. Their focus needs to shift from just prevention to detection and neutralisation of threats, before they cause any damage."

He noted that the recent Wanna Decryptor attack - which affected nearly 100 countries, and also targeted British hospitals and major companies such as FedEx and Spain's Telefonica - could have been less damaging "if people updated their machines".

He said: "People need to be aware that cybercrimes are now big business and we are all potential targets. All organisations must be prepared for these types of infections. Implementing strong forensic monitoring capabilities is the only way to ensure that their infrastructure is kept up and running at all times."

Liran Grinberg, co-founder of Israeli cybersecurity think tank Team8, added that Singapore is a digital economy marked by hyperconnectivity and an increasing pace and complexity of cyberthreats.

"Companies here should assume a breach will happen and prepare for it with both technologies as well as procedures and methodologies."

The Singapore government is closely monitoring the global situation. A spokeswoman for GovTech said: "To date, no government agencies' operations have been affected by the global hacking attacks that were reported from Friday. We have put in place a range of measures which minimise the likelihood of government systems being infected by malware, including ransomware."

Ransomware - which was behind the attacks on the display directories at local malls Tiong Bahru Plaza and White Sands - is currently the world's biggest cybersecurity threat. This type of malicious software designed to block access to a computer system until a sum of money is paid has been reportedly used to extort more than US$325 million from tens of thousands of victims worldwide.

The GovTech spokeswoman also said that GovTech is "working with government agencies to ensure adherence to cybersecurity best practices". GovTech, which formed in 2016 after a restructure between the Infocomm Development Authority and the Media Development Authority, is the agency tasked with deploying ICT solutions across the public sector.

In Singapore, even smaller companies such as startups - which may lack the resources or means to afford cybersecurity tools - must build an integrated response to cyberthreats, experts said.

Nick FitzGerald, senior research fellow at antivirus software maker ESET, told BT: "The status of a company as a startup or as a fully-fledged, long-established business in no way obviates the need for proper disaster recovery planning."

He explained that many businesses - regardless of size - which suffer a major cyberattack never fully recover; they either close down or get taken over by competitors in a year or two following the attack. "I cannot imagine that is any more desirable an outcome for a startup than for any other company, so resolving these issues should be at least as important to a startup as any other organisation."

Mr Taylor-Mountford said that for resource-poor startups, the first step is to identify where their security gaps are and what needs to be prioritised. "They need to build the right foundation, then add on building blocks in the future. Focus on minimising time to detect a breach, as there is no way we can stop all attacks."

He suggested that startups begin with using freemium versions of enterprise tools, and then upgrade to the full versions once they scale. "Startups can also launch simple employee awareness programmes on the importance of cybersecurity."

Ofer Israeli, chief of Tel Aviv-based cybersecurity firm illusive networks, noted that companies should adopt cybersecurity measures proportional to the sensitivity of their data, as opposed to their size.

He said: "Even smaller organisations, such as law firms, contain very sensitive data that must be protected. Having said that, obviously small organisations have challenges with personnel and expertise to handle more sophisticated security solutions."

Mr Israeli urged smaller companies to find solutions that incur "minimal overhead in terms of additional systems and employee attention". Such solutions will allow them to attain a high level of cybersecurity with the few resources they have.

Notably, local startups, when asked about their cybersecurity measures and spending, all declined to comment. A public relations source told BT: "They are afraid that if they comment, the next thing they know, they might get hacked."