En­ter­prises pre­pare for in­sider threats to data

China Daily (USA) - - BUSINESS - ByWUYIYAO in Shang­hai wuyiyao@chi­nadaily.com.cn

In­sid­ers have be­come one of the largest threats to en­ter­prises’ crit­i­cal dig­i­tal and phys­i­cal as­sets, ac­cord­ing to re­search com­mis­sioned by EY, a con­sul­tancy ser­vices provider.

The study polled more than 665 se­nior ex­ec­u­tives in 17 coun­tries and re­gions, in­clud­ing 40 pro­fes­sion­als from China. More than 25 per­cent of re­spon­dents said they be­lieve in­sider threats and il­licit be­hav­iors tak­ing ad­van­tage of in­ter­net tech­nolo­gies are the fastest grow­ing risk.

“About 70 per­cent of our ser­vices de­liv­ered to clients are fo­cus­ing on il­licit be­hav­ior tak­ing ad­van­tage of in­ter­net tech­nolo­gies such as us­ing loop­holes in net­work sys­tems and on­line pay­ment schemes, par­tic­u­larly in fin­tech and on­line pay­ment sec­tors,” said Chen Zhi, an EY part­ner and ex­pert in fraud in­ves­ti­ga­tion and dis­pute ser­vices.

More ex­po­sure amid in­creased con­nec­tiv­ity is mak­ing it dif­fi­cult to de­tect threats to crit­i­cal as­sets, such as in­tel­lec­tual property, formulas, pay­ment in­for­ma­tion, and clients’ per­sonal in­for­ma­tion, said Chen. Chen Zhi,

“It is not just an IT is­sue— it takes an en­ter­prisewide ap­proach in­clud­ing many hu­man el­e­ments— to plan for, pre­vent, de­tect, re­spond to and re­cover from in­sider threats,” said EY’s re­search note on man­ag­ing in­sider threats.

China’s en­ter­prises said they have in­creas­ingly in­vested in im­prov­ing their or­ga­ni­za­tion’s in­ter­net safety and in­ter­net se­cu­rity, in­clud­ing de­ploy­ing more re­sources to build up their cy­ber­se­cu­rity teams and use more third-party ser­vices, such as data mon­i­tor­ing, data re­cov­ery and user be­hav­ior pat­tern anal­y­sis.

OnNov 7, China’s cy­ber­se­cu­rity law was ap­proved by the Stand­ing Com­mit­tee of the Na­tional Peo­ple’s Con­gress, China’s top leg­is­la­ture. The law will come into ef­fect on June 1, 2017.

“Hav­ing worked ex­ten­sively with clients in APAC and China, we know the chal­lenges they face man­ag­ing data in le­gal pro­ceed­ings and en­sur­ing that pri­vacy and state se­crecy laws are re­spected. E-dis­cov­ery so­lu­tions that al­low clients to process data in the coun­try and on-site at a com­pany’s premises in China are there­fore es­sen­tial,” said Kate Chan, re­gional man­ag­ing di­rec­tor in Kroll On­track’s Asia Pa­cific prac­tice, an endto-end provider of elec­tronic ev­i­dence ser­vices.

Even small-sized en­ter­prises, such as star­tups, should bear in mind that com­puter foren­sics, e-dis­cov­ery, and doc­u­ment re­view are im­por­tant for pro­tect­ing rights. They should start work­ing with pro­fes­sion­als, such as lawyers, at a very early stage of oper­a­tions to en­sure long-term growth and safety, said Chan.

About 70 per­cent of our ser­vices de­liv­ered to clients are fo­cus­ing on il­licit be­hav­ior tak­ing ad­van­tage of in­ter­net tech­nolo­gies ...” an ex­pert in fraud in­ves­ti­ga­tion

Newspapers in English

Newspapers from China

© PressReader. All rights reserved.