EDITOR ’ S QUESTION
RICHARD SOROSINA , CYBERSECURITY PRACTICE
LEAD , MACQUARIE CLOUD SERVICES
It is far better to get on the front foot and fortify your bunker before the tornado hits .
For organizations across the Asia Pacific region , falling victim to a cyberattack is not a matter of if , but when . It is far better to get on the front foot and fortify your bunker before the tornado hits , and the question should really be whether leaders can limit the impact of a cyberattack to their business when it inevitably occurs .
In the Gartner 2021 CIO Agenda Survey , cybersecurity was the number one priority for new spending in Southeast Asia and the second highest priority in Australia and New Zealand . These allocations are positive but redundant if leaders fail to first nail down the basics of their cyberdefense .
Businesses need an incident response plan that will clearly outline the steps to be followed when a data breach occurs . By neglecting to do so , the organization will become the low hanging fruit that attackers go after .
Even a rudimentary plan is better than no plan at all , and those without one will suffer a much higher impact .
The incident response plan needs to outline the steps to be followed when a data breach occurs . Teams need to identify and classify data to understand what levels of protection are needed , a step that is regrettably missed all the time . For instance , personal identifiable customer information needs a different level of protection to the photos from the last Christmas party .
Teams also need to maintain cyber hygiene through regular patching , and since 90 % of breaches start with an email , it is very important to have email protection , multi-factor authentication and end-point protection to prevent any lateral movements by cybercriminals .
Perhaps my biggest piece of advice is to have experienced personnel monitoring your environment 24 / 7 , 365 days a year ( including Christmas ). This is essential to minimize dwell time in your environment , which is the point where the breach happens to the point you realize it has occurred . Cybercriminals spend an average of 56 days within environments before an attack becomes apparent . That means they ’ ve got 56 days to do whatever they want with your information .
This 24 / 7 monitoring becomes a challenge when organizations don ’ t have the internal skills to run cyber programs . Most business heads I speak with have one or two people responsible for handling cybersecurity , and cyber comprises just one part of their broad and demanding jobs . They simply don ’ t have the capacity to keep an eye out for nefarious activity or deploy their own Security Operation Center ( SOC ) capability . I advise leaders take the time to identify business risks and align cyber capabilities with these risks . The upshot of this can either be an upskilling of your team to meet threats or the seeking of external assistance to get on top of the issue . This will ensure you are in the best position possible to quickly detect , respond and recover from a cyberattack when it occurs .
34 INTELLIGENTCIO APAC www . intelligentcio . com