“How Prepared Are You?”
What happens when your traditional layers of cybersecurity fail? How can you stay ahead of the game? Nobody could ever be prepared enough when it comes to cybersecurity. The best that one can do is to expect the worst and be ready to receive the impact when it comes.
The Age of Digitalisation brought much success to many businesses, be it SMEs or big corporations. However, with these success stories, an alarming number of cyber attacks are reported in recent years. These cyber attacks hinder businesses and greatly affect many aspects such as credibility, work efficiency and most importantly loss in revenue. Cyber attacks can come in various forms, examples include malware, phishing emails and more which can lead to possible data breaches.
According to a 2019 survey by endpoint security firm, Carbon Black, 96% of the surveyed Singapore firms have had data breaches due to cyber attacks. The results are worrying as data breaches can impact a business financially to a huge extent. These attacks are estimated to cost Singaporean businesses $1.7million per breach, according to Channel Asia. These numbers can easily cripple and crumble many SMEs that are not financially ready to receive such an impact. In Singapore and Malaysia, SMEs contribute to 40% each for their nation’s GDP, translating that the importance of SMEs in these countries.
With the recent changes to the Personal Data Protection Act (PDPA) in Singapore, businesses that are found guilty of a data breach are now expected to pay a heftier fine based on their annual company turnover. This is to ensure a safer environment in the digitised world by strengthening data protection standards. From SMEs to big corporations, there is always much valuable and personal data that can be potentially compromised. The data may include customer’s personal data as well as employee’s personal data such as NRIC, Date of Birth, residential addresses and bank information. In recent news, Eatigo reported a data breach with potentially 2.8 million accounts illegally accessed. Similarly, Lazada, reported a data breach from their recent acquisition, RedMart. It was reported that personal information from 1.1million RedMart accounts was stolen as a result of the data breach.
If you think that SMEs are safe from cyber attacks, you are wrong. In fact, 43% of cyber attacks were reportedly targeted at SMEs. In 2019, Homegrown fashion label, Love, Bonito reported a data breach with their users’ information compromised. SMEs may not be able to cushion such an impact financially compared to big corporations with deep pockets, especially with the new amendment to the PDPA. For many SMEs, it could mean the closure of businesses. However, there are certain measures that SMEs could implement to prevent being caught in such a situation.
Hire an external consultant
Businesses should always be looking towards increasing productivity and efficiency that translates to revenue. This is why hiring an external consultant or a service provider to manage your data and cybersecurity needs is vital. Businesses shouldn’t be worrying about scouting for cybersecurity talents. Not only are they much more costly, it is also more feasible to let a team of experts who specialise in specific areas of expertise, manage your data and security solutions. In addition, they are well equipped with knowledge and experience which can definitely bring much value in the event of a cyber attack. Hence, there is a business case for engaging MSPs to handle cybersecurity as it is more cost efficient.
Let the experts manage and mitigate cyber risks while your business focus on the main goal of profiting.
You can be well protected in every aspect, thinking there are no loopholes. However, research has shown that more often than not employees unknowingly aid in cyber attacks leading to data breaches. According to Security Magazine, employees are behind 4 in 10 data breaches. Phishing emails and file-based malware are among a few common deceits that employees usually fall for. This suggests a strong need for businesses to provide frequent training on cybersecurity for their employees as they are the weakest link.
The big question: WHAT IF? When all else fails, what can businesses rely on? Most businesses may already have security measures implemented to prevent cyber attacks however, in the worst case scenario, a data breach might still happen.
Cyber insurance helps businesses cushion their financial impact in the case of a cyber attack and data breach. For example, during an email phishing incident, cyber insurance covers the entire cost of the forensics process which is a huge financial setback for businesses if not insured. In ransomware incidents, bitcoins are usually the currency requested to be paid in. However, if insured, the ransom fee would be covered in full. SMEs can easily crumble if caught in situations like these, paying a huge sum of money for forensics and bitcoins.
Where and How to Get Covered?
Netpluz Asia is the first Managed Communications Service Provider (MSP) to introduce cyber insurance into our existing wide array of comprehensive data, voice and video solutions. As a one-stop MSP with 24/7 support, Netpluz Asia can help spur your businesses on to greater heights while making the journey smooth and secure by the delivery of high quality services.
An upcoming webinar by Netpluz Asia featuring Commercial Director, Kenneth Wee and guest speaker from Chubb, Elsa Xu, Financial Lines Manager, aims to highlight the topic of cybersecurity management, risk transfer and how insurance comes into play.
To find out more about the webinar and cyber insurance click here
Baharudin, Hariz. “Love, Bonito Customers’ Data Breached, Credit Card Details Exposed, Watchdog Investigating.” The Straits Times, 13 Dec. 2019, www.straitstimes.com/tech/love-bonito-customers-data-breached-credit-card-details-exposed-watchdog-investigating.
“Carbon Black Reveals 96 Percent of Firms in Singapore Suffer Data Breaches.” CISO MAG | Cyber Security Magazine, 3 Oct. 2019, cisomag.eccouncil.org/around-96-percent-of-singapore-businesses-suffer-data-breach-survey/#:~:text=Around%2096%20percent%20of%20Singapore%20Businesses%20Suffer%20Data%20Breach%3A%20Survey,-By&text=According%20to%20the%20research%20findings,an%20increase%20in%20attack%20volumes.
“Eatigo Reports Data Breach, Personal Data from Customer Accounts Listed for Sale Online.” CNA, www.channelnewsasia.com/news/singapore/eatigo-data-breach-personal-information-millions-account-13425082.
Henderson, James. “Security Attacks Cost Singaporean Businesses $1.7M per Breach.” Channel Asia, www.channelasia.tech/article/670400/security-attacks-cost-singaporean-businesses-1-7m-per-breach/.
Kapur, Ricky. “Cybersecurity for Small-and-Medium Enterprises in Asia Pacific.” Microsoft Stories Asia, 29 Oct. 2020, news.microsoft.com/apac/2020/10/29/cybersecurity-for-small-and-medium-enterprises-in-asia-pacific/.
“Lazada Suffers Data Breach; Personal Information from 1.1 Million RedMart Accounts for Sale Online.” TODAYonline, www.todayonline.com/singapore/lazada-suffers-data-breach-personal-information-11-million-redmart-accounts-sale-online.
“Microsoft: Digital Transformation Doesn’t Make SMEs Immune to Cyber Threats.” Securitybrief.Asia, securitybrief.asia/story/microsoft-digital-transformation-doesn-t-make-smes-immune-to-cyber-threats.
“Stressed Employees behind 4 in 10 Data Breaches.” Www.Securitymagazine.com, www.securitymagazine.com/articles/93921-stressed-employees-behind-4-in-10-data-breaches.
Wong, Lester. “Parliament: Proposed Changes to PDPA Include Stiffer Fines for Data Breaches, Mandatory Notification When They Occur.” The Straits Times, 5 Oct. 2020, www.straitstimes.com/politics/parliament-proposed-changes-in-law-include-stiffer-fines-for-data-breaches-mandatory.
Author: Sebastian Toh
Cyber activities are becoming more common than you think. According to a survey report released by the Cyber Security Agency of Singapore (CSA), there has been a huge increase in cyber threats such as data breach.
Businesses in Singapore suffered losses of around S$58 million in 2018, representing an increase of about 31 percent from 20171.
With the risk of high loss due to cyber threats, this blog article aims to share some simple and cost-effective ways to keep your business safe in the upcoming year.
To begin, let’s first have a basic understanding of the possible cybercrime and its impact.
In today’s internet world, data breaches are becoming more common for businesses, regardless of the organisation’s size and complexity. Data breach is a security vulnerability where confidential data or sensitive information is released to untrusted websites or misused by cybercriminals. This means that data is at risk of being stolen, transmitted or viewed by unauthorised people outside of your company, which can also be known as a data leak.
Some business owners may think that having a single firewall is sufficient enough to deal with a cyberattack. This mindset increases the attractiveness of the cybercrime industry and provides more targets for attackers to make their profit. A data breach can happen to an organisation in multiple ways such as
Employee Focus attacks: Cybercriminals could send malicious emails that look valid and real to simply request the targeted employees to send in the required details. Employees who have been deceived will unknowingly leak important information that provides hackers with access to all your organisation’s data.
Alternatively, it could be due to sharing of private information to the wrong person. For instance, attaching an important document that contains customer details to someone outside of your organisation who does not have any permission or right to view, and the file can be read by them without any further authentication, like a password.
Malware attack: The data that your organisation owns is very attractive to cybercriminals. To obtain those valuable data, cybercriminals could use malware to hack into your system. One of those is known as Ransomware, which is a malicious program used to acquire a significant amount of data and likely to perform encryption in a single attack. With that, the cybercriminal is able to demand and threaten for payment from the victim in exchange for a decryption key.
Upon data breach, there are many lethal results that could lead to termination of business operation, temporarily or permanently. Data breaches can damage both business and consumers in terms of reputation, which is costly and timely to be repaired. Moreover, businesses may face additional damages in the form of fines or penalties. These consequences may vary due to the type of data breaches and violation of the Personal Data Protection Act.
PDPA is a law that aims to protect all relevant information of an individual such as NRIC, bank account details, among other information against any organisation that is likely to have revealed, collected and used it, despite the credibility of the information. With PDPA, this means that all corporations in Singapore will have to follow a set of baseline standards when managing possession of all individual’s data, even by the firm’s own employees.
The Personal Data Protection Commission (PDPC) has been established to manage and enforce PDPA. The PDPC will determine if a business is not in compliance with PDPA, and the particular company may receive instructions and consequences, such as terminating any collection, use, and disclosure of data in business operations. The company would also be expected to pay fines not exceeding S$1 million.
With the growth of the internet, there are different security needs such as the application, cloud, mobile, network and endpoint securities. Also, data loss prevention, identify and access management. Cybersecurity is the general IT term to cover different defence remedies and it will allow your corporate to secure the system against any cyberattacks that may lead to data breaches.
These are some easy and effective cybersecurity methods that can ensure that all vulnerable devices, applications, networks, and data in your company’s holding are being protected against any threats.
This can be done by first installing security software that includes anti-virus and anti-spam filters, which can help your business reduce the possibility of falling for phishing emails and mitigate malware infection.
Also, a firewall could be applied together to track the in and out traffic between all your company computers and the internet. With a firewall in place, the business internal network can be further secured.
Always make sure that your data in files are encrypted in secret code or password when sharing on to the internet. This helps to reduce the risk of data being stolen or destructed online.
By stating out the relevant rules and regulations, your employees can be educated on security issues and things to take note of when they are visiting internet sites or emails.
The right cybersecurity is needed in order to mitigate your corporate’s sensitive data such as financial information, trade secrets or intellectual property of the customers or users. With cyber attackers and hackers becoming more prominent and creative it is difficult to acquire an effective solution. Not to worry! At Netpluz, we have partnered with leading cybersecurity vendors such as Nexusguard, Sophos, Druva and many more that can provide a variety of cybersecurity solutions that can help your company reduce the negative impacts of data breaching and at the same time save cost.
Author: Ada Foo Jiaxin
1 CISOMAG. “Around 6,200 Cyber-Attacks Reported in Singapore Last Year: CSA.” CISO MAG | Cyber Security Magazine, 20 June 2019, www.cisomag.com/around-6200-cyber-attacks-reported-in-singapore-last-year-csa/
Irwin, Luke. “The 6 Most Common Ways Data Breaches Occur – IT Governance Blog.” IT Governance Blog, 11 Mar. 2019, www.itgovernance.eu/blog/en/the-6-most-common-ways-data-breaches-occur.
“What Is Cyber Security Threat Mitigation? Webopedia Definition.” Webopedia.Com, 2019, www.webopedia.com/TERM/C/cyber-security-threat-mitigation.html#:~:targetText=Cyber%20security%20threat%20mitigation%20refers,when%20security%20attacks%20do%20happen.
What is Cybersecurity (Cyber Security)? Everything You Need to Know. “What Is Cybersecurity (Cyber Security)? Everything You Need to Know.” SearchSecurity, 2019,
“How to Protect Your Business from Cyber Threats | Business.Gov.Au.” Business.Gov.Au, 15 Oct. 2019, www.business.gov.au/Risk-management/Cyber-security/How-to-protect-your-business-from-cyber-threats.
One of the key challenges for organisations today is how to safeguard their information systems and digital infrastructure from attacks by malicious hackers and cybercriminals. Current concerns for most companies are often related to data breaches, with so much media coverage focusing on recent cases.
“Despite having received professional advice to take precautions against such vulnerabilities, the organisation omitted to conduct a full code review…and hence failed to discover (the vulnerability) that was exploited in this case.”
No matter how certain organisations are about their defences, there are always risks to their security because of frequent changes and updates made to their digital infrastructure.
Due to these issues, vulnerability assessment and penetration testing (VAPT) come in place as a solution to identify the unknown vulnerabilities and set immediate remediation to mitigate cybersecurity risk for the company.
According to PDPC, eight organisations were found to be in breach of the Personal Data Protection Act (PDPA).
Vulnerability Assessment & Penetration Testing (VAPT) is necessary to spot your vulnerability. VAPT result shall deliver quality assessment through the eyes of both a hacker and an experienced and certified security expert to discover where you can improve your security posture.
The findings (vulnerabilities) would be delivered as reports that shall be used to effectively remediate any of the vulnerabilities and answer these following questions:
“Knowing your vulnerability and the way in which the attackers could exploit them are one of the greatest insights you can get in improving your security program.”
Singtel fined $25,000 and Ninja Van $90,000 for data breaches, The Strait Times, Nov 5, 2019. – https://www.straitstimes.com/business/companies-markets/singtel-fined-25000-and-ninja-van-90000-for-data-breaches
New Commission’s Decisions on 4 November 2019, PDPC, Nov 4, 2019 – https://www.pdpc.gov.sg/pdpc/news/latest-updates/2019/11/new-commissions-decisions-on-4-november-2019
Protect Against Advanced Email-Based Attacks Wednesday, 24 February 2021, 2PM – 3PM Email phishing is one of the greatest security threats facing organisations globally. With the pandemic accelerating digital transformation and with workforce disconnected from the
Data Breach – When Traditional Layers Of Cybersecurity Fail “How Prepared Are You?” What happens when your traditional layers of cybersecurity fail? How can you stay ahead of the game? Nobody could ever be prepared enough
Webinar | Cyber Risk Management in the New Digitalisation Age Cybersecurity Management and Risks Transfer Considering the complex, dynamic network and devices that businesses must govern across firewalls, applications and cloud – Cybersecurity is no longer
Netpluz ranks in Top 10 Among Top Managed Services Providers With the continuous support from our valued customers, partners and business associates, Netpluz is pleased to announce that we have managed to clinch a spot in
Choosing the best cloud model for your business Simply put, cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet (“the cloud”) to offer faster innovation, flexible resources,
Webinar Recording | Fight Against the Rise of Ransomware Click the video to play – Source:Youtube.com Stories of organizations crippled by ransomware regularly dominate the IT news headlines, and accounts of six- and seven-figure ransom demands
Webinar Recording | Simplifying Communication with Microsoft Teams & Netpliz SIP Trunk Click the video to play – Source: youtube.com The current period, with so many working from home due to the global Covid-19 pandemic, has
Netpluz Asia Pte Ltd receives Business Eminence Award 2020 With the support of our valued customers, partners and business associates, Netpluz Asia is pleased to announce that we have been awarded the Dun & Bradstreet Business
The Results… Customer satisfaction is a key performance indicator for Netpluz. The survey helped us to measure our relationships with our customers and highlight areas for improvements. With the feedback we have gathered in 2019, Netpluz
LIVE Webinar | Understanding SME’s Obligation in Data Protection and Cybersecurity Zooming into the responsibilities of Business, IT and Compliance during and post COVID-19 26 June 2020 | 2.30 PM to 4.00 PM We know the
Webinar: eSentinel™ – 360° Managed Cybersecurity, Simplified No matter how good your multiple cybersecurity tools are, an attacker will eventually find a way into your network through vulnerabilities. Once cybercriminals acquire unauthorised access, you can only
Dear Customers, Partners and Friends of Netpluz, During this unprecedented time, as COVID-19 continues to spread globally, our priority is the safety of people, especially our employees. We have already ensured, prior to the outbreak, that our employees
WORK@HOME Webinar: Microsoft O365 & Teams Maximise your BCP efforts with the right solutions! With COVID-19 continuing to impact people and countries around the world, teams everywhere are moving to remote work. In this free webinar, experts on Microsoft
With the current outbreak of Coronavirus (2019-nCoV), officially named “Novel Coronavirus Pneumonia” or NCP by Chinese Health Authorities in China, businesses in the region have started to relook at their Business Continuity Plan (BCP) on how
Cyber Security is the protection of not only internet-connected systems (including hardware, software or electronic data) from theft or damage by cybercriminals but also from disruption of services following a successful cyber-attack. According to the Cyber
An ounce of prevention through Vulnerability Assessment and Penetration Testing (VAPT) is worth a pound of cure We all have witnessed the notorious cyber-attacks like WannaCry and NotPetya/ExPetr.1 These high profile attacks have resulted in large
In this day and age, customers are no longer assessing shopping malls, hotels, and other businesses solely based on their products and services. With internet connectivity being an integral part of our daily life, customers view
Microsoft will no longer update or provide support for Windows 7. This means that Windows 7 users will need to start thinking about finally moving on from their favourite Windows operating system. Systems that are running
PDPA Compliance – Is Your Corporation’s Data Free From Cyber Threats Such As Data Breaching? Cyber activities are becoming more common than you think. According to a survey report released by the Cyber Security Agency of
STABILITY OR SECURITY: MAKE THE RIGHT CHOICE BETWEEN STATIC IP AND DYNAMIC IP Business Internet Connectivity It has become common for businesses like yours to be bombarded with broadband packages from various Internet Service Providers (ISP).
The Difference Between Public VS Private Cloud Businesses are transforming more application are moving into the clouds. Gartner predicts that by 2021, businesses will adopt an all-in cloud strategy. When businesses start to use SaaS (Software
IS SD-WAN RIGHT FOR MY BUSINESS? SDWAN (or SD-WAN) stands for Software-Defined Wide Area Network is gaining popularity among business, especially those who require simplicity in expanding their connectivity across their regional offices or branches. Most
Tier-based cloud security standard. The Multi-Tier Cloud Security (MTCS) Singapore Standard (SS)584 is a cloud security certification managed by the Singapore Info-comm Media Development Authority (IMDA). The MTCS SS is the world’s first cloud security standard that covers
What happened recently with so much Data Breaches news coverage? One of the key challenges for organisations today is how to safeguard their information systems and digital infrastructure from attacks by malicious hackers and cybercriminals. Current
5 Benefits Why You Should Engage a Managed IT Services Provider Why should any company engage a managed IT services provider? In this article, we will discuss five benefits for your company, including improving your own
Quality Communication Services with Cyber Protection The internet revolution has radically altered the way business is conducted. The size and location of business are becoming increasingly unimportant, in today’s internet-connected global playing field. Furthermore, with
Everything you need to know about SD-WAN: The top 3 benefits of using this next generation technology for digital transformation What is SD-WAN? With businesses shifting towards the age of digital transformation, SD-Wan is emerging as
As the Gold Sponsor, Netpluz is delighted to invite you to attend Cloud Expo Asia 2019. We would like to invite you to attend Asia’s Largest technology gathering to learn and source from the Tech industry’s
We live in an interconnected society whereby information and data is readily available at the tip of our fingertips, literally. You’ve most likely been reading about various cyber-attacks in the news, and have heard about the
360° Cyber Security Protection for Business With a few strokes of a keyboard, rogue individuals or hackers can launch a cyber-attack such as Distributed Denial-of-Service (DDoS) from anywhere, at any time, disrupting and damaging your
NETPLUZ, a homegrown provider of Managed Services for Data, Voice, Video and Cyber Security solutions, has launched Software Defined Wide Area Network (SD-WAN) solutions to enable and simplify current and future customers’ transition to a future ready cloud-based software defined WAN.
Addressing cyber security issues related to SMEs, the event will gather senior management and Security Professionals to raise awareness, share ideas and solutions to tackle critical operational issues facing the sector.
Netpluz Asia Pte Ltd, a newly formed homegrown managed services provider, said today it is paying S$3 million for the business assets of two Mediaring communications companies – Mediaring Network Services (MRNS) and Mediaring Communications (MRC).