Seizing the Opportunities of Digitalisation

In Alder, We Make Things Easier

Find out more on how our experts can help you and your business

Nowadays, digitalisation has changed the way businesses interact with their target audiences and the way people searching for a product or service. Consumers are no longer playing a passive role as the recipients of marketing communication. Instead, they are actively seeking for information of the product or service through various channels. At the same time, digitalisation also enables businesses to access greater functionality and reduce frictions in customer journey through streamlined business processes. However, greater exposure to digital technology can often lead to a higher risk of security attacks when there is a weak spot that threatens the cybersecurity of the organisations.

Surge of Cyberattacks amid Covid-19

Cybersecurity is becoming a growing issue as a result of a dramatic increase in the number of cyberattacks. According to an annual report published by the Cyber Security Agency of Singapore (CSA), there was an increase in cybercrime with a total of 16,117 cases reported in 2020. The implementation of working from home (WFH) arrangement following Covid-19 outbreak in 2020 are exposing companies to greater cyber risks. This happens especially when the remote employees do not have appropriate safeguards such as a firewall in place to secure their home networks. Global threats actors who identify such exploitable security gaps will take advantage to steal confidential data for unlawful use.

Recent Data Security Incident

In fact, organisations in various sectors including financial institutions, telecommunications companies and cosmetics companies can be the victims of cybercrime. For instance, in the second week of January this year, a French cosmetics company based in Singapore has reported a data breach incident. Personal data of their clients including name and contact details may have been compromised due to a security flaw newly discovered in the Log4j. Log4j is a Java-based software widely used by companies to manage their database and keep track of activities. The security flaw found in the Log4j will allow hackers to take control of the computer system and launch a ransomware attack. To mitigate these Log4j-related vulnerabilities, the cosmetics company has implemented security patches as part of their remediation efforts and they are now working closely with security experts to address potential IT security threats.

So, What’s the Cybersecurity Best Practices for Small and Medium-Sized Enterprise (SME) Owners?

According to CSA, most of the ransomware victims in 2020 were SMEs which indicates that they are at higher risk of cyberattacks. This is most likely due to their lack of technical capabilities and expertise to implement adequate data security measures. Furthermore, some SME owners often think that investing in cybersecurity will incur a higher operating cost. As a result, they tend to jeopardise cybersecurity and focus on other business areas that can drive profitability. As SMEs form an integral part of the nation’s economy, SMEs should start taking proactive approach to protect their stakeholders’ data. SME owners are playing a critical role in cultivating a corporate culture of cybersecurity. They should allocate some budgets to invest in cybersecurity and put in place a training and awareness programme to ensure that all the employees are having basic knowledge of cybersecurity and know how to handle various types of incidents.

Conclusion

In summary, companies should adopt a zero-trust approach to security and implement necessary measures to help monitor and control cyberattacks. On the other hand, employees should understand their roles as the first line of defence in the organisations and proactively build up capabilities to handle and resolve cybersecurity incidents. The proliferation and sophistication of cyberattacks are posing significant threats to all enterprises including multinational corporations and SMEs. Hence, it is important for companies to consider cybersecurity as the key business concern and beef up their cybersecurity efforts. By doing so, it can help create a safe cyberspace and promote cyber hygiene practices in the organisations.

How we can help

• Assist in the development of a comprehensive Data Protection Management Programme (DPMP)
• Draft and review of policies and other supporting documents aligned with the DPTM Certification Framework
• Walk through the DPTM application and certification process
• Assist in the application of funding support

Reference Materials

Cyber Security Agency of Singapore (2021). ‘Singapore Cyber Landscape 2020’. Available at: https://www.csa.gov.sg/News/Publications/singapore-cyber-landscape-2020

Ganesan, N. (2022). ‘Cosmetics company Clarins hit by data security incident, ‘may involve’ Singapore customers’ personal information’, Channel News Asia, 11 January. Available at: https://www.channelnewsasia.com/singapore/clarins-data-security-incident-singapore-customers-personal-information-log4j-software-vulnerability-2428066