CY­BER SE­CU­RITY Firms urged to strengthen their sys­tems

Sun.Star Cebu - - BUSINESS - PR

Hav­ing weak cy­ber se­cu­rity puts a com­pany at risk of los­ing rev­enue and rep­u­ta­tion. It can also make the com­pany vul­ner­a­ble to sen­si­tive data theft and costly law­suits.

For these rea­sons, firms are urged to build up their ca­pa­bil­ity to pro­tect their cy­berspace or out­source a re­li­able com­pany with a cy­ber se­cu­rity ap­proach that is pre­dic­tive, re­spon­sive, pre­ven­tive, and de­tec­tive.

“Tra­di­tional se­cu­rity mea­sures are nec­es­sary but are not enough for the sur­vival of an or­ga­ni­za­tion,” said ePLDT chief in­for­ma­tion se­cu­rity of­fi­cer An­gel Re­doble.

“Even if you have the ba­sic setup for your com­pany’s cy­ber se­cu­rity, you will be spend­ing money and still putting the com­pany at risk.” Re­doble was one of the speak­ers dur­ing the Sem­i­nar on Cy­ber Se­cu­rity and Data Pri­vacy Law or­ga­nized by PLDT En­ter­prise and the Man­daue Cham­ber of Com­merce and In­dus­try (MCCI) at Maayo Ho­tel on Jan. 25. Other speak­ers were As­sis­tant Sec­re­tary Geron­imo Sy of the De­part­ment of Jus­tice and Po­lice Se­nior Insp. Leo De­ofiles, chief of the Re­gional Anti-Cy­ber­crime Of­fice-Cen­tral Visayas.

While cy­ber at­tacks are be­com­ing more “in­tel­li­gent and so­phis­ti­cated” every year, many firms still do not have a strong un­der­stand­ing of their cy­ber pos­ture and many or­ga­ni­za­tions take long to dis­cover a breach.

“Busi­nesses need to pro­tect its in­ter­nal and ex­ter­nal in­for­ma­tion. The longer you de­tect and re­solve a cy­ber at­tack, the big­ger the dam­age. The chal­lenge is to re­spond quickly and ef­fi­ciently. How fast can you re­spond and re­cover?” Re­doble said.

Com­plex prob­lem

He ex­plained that cy­ber at­tacks are driven by dif­fer­ent mo­ti­va­tions, such as for per­sonal or cor­po­rate gains, or­ga­ni­za­tion fund­ing, and eco­nomic su­pe­ri­or­ity.

But when com­pa­nies im­ple­ment cy­ber se­cu­rity, they are faced with the com­plex­i­ties it brings, in­clud­ing peo­ple, process, and tech­nol­ogy, larger net­work, BYOD (bring your own de­vice), and siloed IT. Also, de­ploy­ment can make it dif­fi­cult to im­ple­ment cy­ber se­cu­rity across or­ga­ni­za­tions.

Cy­ber se­cu­rity, ac­cord­ing to Re­doble, also needs the right peo­ple with the right ex­per­tise. Yet com­pa­nies are hav­ing dif­fi­culty re­cruit­ing the re­quired tal­ent. This could be at­trib­uted to the lack of solid ed­u­ca­tional pro­grams on cy­ber se­cu­rity, among oth­ers.

With the way cy­ber at­tacks are be­com­ing elab­o­rate every year, Re­doble urged firms to face the facts.

He said that at­tack­ers also have ac­cess to most or all the de­fen­sive tools and tac­tics of en­ter­prise de­fend­ers and that de­fend­ers lack plat­form, au- thor­ity, and re­sources to fully con­trol and pro­tect the sys­tems and data they are re­spon­si­ble for. He also ques­tioned the ca­pa­bil­ity of se­cu­rity teams to mon­i­tor round-the-clock traf­fic and at­tacks.

“Cy­ber se­cu­rity is not just about tech­nol­ogy and com­put­ers. It in­volves peo­ple, in­for­ma­tion sys­tems, cul­ture and phys­i­cal sur­round­ings, and tech­nol­ogy. It cre­ates a se­cure en­vi­ron­ment where busi­ness can re­main re­silient in the event of a cy­ber at­tack,” he said.

Dur­ing the sem­i­nar, MCCI Pres­i­dent Stan­ley Go raised the sug­ges­tion for the cham­ber to work with PLDT in con­duct­ing a “cy­ber se­cu­rity au­dit” for its mem­ber-com­pa­nies. /

Newspapers in English

Newspapers from Philippines

© PressReader. All rights reserved.