Ransomware continues to be the most significant cyber threat, causing affected businesses operational shutdowns and financial and reputational losses. Yet, businesses often realise the value of cyber security only when an attack occurs. Dr Catherine Wu, secretary-general of GeekCon 2024 International, and Daniel Wang, the founder of GeekCon, share how businesses should take a holistic approach to strengthen their defences to protect critical data and operations.
What are some of the key cybersecurity best practices that businesses should implement? Is there a difference between small, medium, and large businesses?
Basic security measures, such as employee security education, regular security testing, and strong password policies, are essential for all businesses. However, there is no one-size-fits-all solution. As attackers evolve, defenders must also advance.
Small businesses should focus on protecting their core assets. Meanwhile, medium-sized businesses must ensure process security and invest in various security services. As for large enterprises, which often face more attacks (with 20% of top companies suffering 80% of attacks) and typically invest more in security, they must continually simulate attacker methods to test and strengthen their security measures.
How important is it for businesses to have a dedicated cybersecurity team? What are some of the first issues to tackle once the team is established?
A dedicated cybersecurity team is crucial for understanding and defending against potential attacks. We can only know how to defend if we understand how attacks occur. A red team that comprehends sophisticated attacks is necessary for thorough testing.
See also: Alibaba anoints new chief in revamp of stalling commerce arm
With a security team, it is easier to understand potential attacks, organise effective defences and respond quickly to incidents, leading to smaller losses.
The first task for a newly established team should be to inventory the company’s assets from an attacker’s perspective and identify which assets are exposed to potential threats. Only by understanding the attackers’ objectives from both offensive and defensive perspectives can we effectively defend against them.
Studies have shown that human errors could lead to cyber breaches. What common mistakes do employees make that compromise cybersecurity, and how can this be prevented?
See also: Break up Google? What’s at stake in antitrust action
Common mistakes include clicking on links from unknown sources, opening suspicious files, and setting weak passwords. To prevent these mistakes, businesses should provide regular training for employees, establish a security team, and conduct periodic attack and defence simulations to reinforce good security practices.
Additionally, businesses should conduct practical exercises to enable employees to learn firsthand how attackers think and execute their strategies. Understanding attacks is essential for effective defence.
What should a business’ immediate steps be following a cybersecurity breach?
After a cybersecurity breach, businesses should take immediate steps to prevent further risks. The steps include isolating or taking offline affected systems, cleaning up the attack, and promptly patching vulnerabilities. The security team should initiate a pre-prepared incident response plan to minimise damage and facilitate a quick recovery.
How important is it for businesses to have a comprehensive incident response plan?
Incidents are unavoidable. Vulnerabilities can never be entirely eliminated, and attacks will continue to occur. The goal of incident response is to find the root cause as quickly as possible and solve the problem in the shortest amount of time.
Having a comprehensive incident response plan is critical for minimising losses and ensuring a swift and effective response to security incidents. Without such a plan, businesses risk ineffective responses that can lead to greater damage or losses and longer recovery times.
To stay ahead of the latest tech trends, click here for DigitalEdge Section
How can businesses do more to protect the workplace?
Our research on the Internet of Things and smart building facilities shows that many so-called smart buildings face significant security threats. Therefore, businesses should enhance workplace security by implementing different security levels and strategies, conducting guest security reviews, and increasing employee security awareness. Close-range penetration tests can assess the cybersecurity of electronic devices in the workplace, such as isolating public Wi-fi networks and securing exposed network interfaces.
How do you see the role of government regulations in enhancing cybersecurity for businesses and individuals? Are there any specific policies you believe must be implemented to improve overall cybersecurity?
Government regulations play a vital role in setting cybersecurity standards, especially for key industries. These regulations help safeguard the minimum level of cybersecurity, protect consumer privacy, and encourage businesses to adopt best practices. Effective government policies can improve overall cybersecurity and ensure a safer digital environment.
Given the current situation, cybersecurity is still a simple binary issue — black or white, zero or one. In reality, cybersecurity efforts need to be quantified to encourage more businesses to view cybersecurity as a core competency. This quantification will promote continuous investment in cybersecurity and ultimately protect consumers’ safety.
It will benefit the government to:
- Introduce policies that encourage regular security testing and offensive and defensive testing in critical industries.
- Support companies that excel in cybersecurity and promote legal cybersecurity services are also important.
- Establish standards to measure the cybersecurity levels of enterprises can help businesses identify their strengths and weaknesses in cybersecurity and make more strategic security investments.
What are some emerging trends in cybersecurity that businesses and individuals should be aware of?
Firstly, the cybersecurity landscape has become increasingly stratified, with varying levels of security across different enterprises and consumer products. Companies that invest heavily in security measures achieve higher protection levels, yet it remains challenging for consumers to recognise these differences. Meanwhile, consumers often struggle to assess the security of products and identify those that meet their specific security needs.
Secondly, as more data is uploaded to the cloud and subjected to data mining, concerns about consumer privacy and data security are growing. Ensuring robust cloud security measures is becoming a top priority.
Finally, the advancement of artificial intelligence (AI) has significantly bolstered cybersecurity efforts. AI technologies are being utilised to detect and respond to threats more efficiently, enhancing overall security frameworks. However, we should also be aware that if cybercriminals also use AI, the threats we face could become even greater.
