Singapore sees more security incidents than global in 2016: PwC

Sng speaking during Moving Forward with Cyber Security - Singapore Findings from The Global State of Information Security Survey 2017 at CSX 2016 Asia Pacific.

The number of security incidents have increased in Singapore over the past year, compared to the rest of the world, where security incidents actually declined, disclosed Jimmy Sng, Partner at PricewaterhouseCoopers (PwC) Consulting, drawing on Singapore data from the PwC Global State of Information Security Survey 2017. Sng explained that this is because Singapore companies are building the capability to detect incidents, and estimated that roughly 500 incidents occur a month.

At a session titled Moving Forward with Cyber Security - Singapore Findings from The Global State of Information Security Survey 2017 during the inaugural CSX 2016 Asia Pacific conference in Singapore Sng said the findings form a skeleton to start thinking about cybersecurity the audience's own organisations.

"Many organisations don't even have a full-time headcount dealing with incidents," he noted. "The speed of the investigation is a challenge."

Data most affected by security incidents in Singapore are topped by compromised employee records at 40% of respondents against the global average of 31%. Sng noted that HR departments are a favourite target for cyber criminals.

Third party service providers are a large vulnerability both globally (54%) and in Singapore (48%). Activists are disproportionately represented in Singapore compared to globally, with 32% of cybersecurity incidents attributed to them.

Singapore's expenditure on cybersecurity is higher than the global average.

More than half of respondents in Singapore said advanced authentication makes transactions more secure.
"The password alone is no good," said Sng. "Many Singapore companies want to use biometrics."

More organisations are running sensitive functions in the cloud.

Sng presented five guidelines on planning security architectures, from understanding that it is impossible to secure everything to prioritising the most important assets to protect. The architecture, threat intelligence and governance are all critical.

Sng pointed out that data is 'porous' as many things can be done with it and to it. "You can duplicate it, you can disseminate it easily but if you don't know the lineage of the data, the organisation will be in for a shock at some time," he said. "Do you know your organisation from a data and system perspective?"

Creating a risk-aware culture is important, he added. "Without understanding the risk you are just putting in a lot of policies," he said. "Get the workforce, the suppliers to understand the risk and respond to risk."

People should be another focus. "Attacks are now not on web pages. A lot are through workforce interactions, emails. Educating people to ensure they become the first line of defence is also important," he said.

The definition of a good security strategy is not about prevention alone today, as some incidents cannot be prevented. A good strategy will include good response and recovery procedures, Sng said. "Part of a good (security strategy) is that if an incident happens, how do you respond to it, how do you recover from it, do you have that continuity and resilience, how do you monitor and detect incidents," he said. "Clients are extremely good about describing the protection, not so good on detection, and response sometimes doesn't exist."
 
Last but not least, Sng said governance has a place in cybersecurity. "Even if you have all the components (of a security lifecycle) organisations need to learn how to govern it," he said. "Get senior management involved...  track security against strategy and budget; there should be some way to report incidents to the board and benchmark them."

Interested?

View the PwC Global State of Information Security Survey 2017

Compare 2017 findings for Singapore with the 2016 findings

posted from Bloggeroid