Bangkok April-May 2022
31.05.2022 Views
Share Embed Flag

Bangkok April-May 2022

ePAPER READ
DOWNLOAD ePAPER
businesssupplement

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

BUSINESSES NEED TO STRENGTHEN

THEIR ONLINE DEFENSES

The war in Ukraine and its diplomatic

conflict with the west continue

to escalate, the warnings that Russian

hackers could go after foreign

businesses have gained new urgency.

Businesses should strengthen

their online defenses, as cyberattacks

could be used as a means of

escalating the crisis. In a March 18

advisory to US businesses the FBI

warned that hackers linked to Russian

internet addresses have been

scanning the networks of five US energy

companies.

And experts have warned of 'significant'

vulnerabilities in systems

that Russian hackers can exploit, as

evidenced by attacks last year that

breached Florida's water supply, hit

one of the world's largest meat producers

and shut down one of America's

largest fuel pipelines for several

days.

Here's what businesses can do to

better protect themselves.

Updates, patches and backups

It may sound like an obvious and

straightforward fix, but experts say

keeping your system's software up

to date is an important way to prevent

many attacks. Those software

updates will often include security

patches to fix loopholes that hackers

can and do exploit.

"It's like raising the cost for the

adversary... if I make it a little harder,

they go on to the next victim," said

the Cyber Readiness Institute, which

provides resources for businesses to

shore up their cyber defenses.

Multi-factor authentication, which

supplements passwords with an additional

login method such as a numbered

code from a separate device or

a fingerprint scan, is also becoming

something of a must-have for companies

to secure potential entry points

into their networks.

It's important for businesses to

also have a contingency plan in case

they do get attacked, and one of the

best ways to do that is having backups

of critical or sensitive data stored

outside the system.

"Can I restore operations from

my data backups if I go down? Do

I have an alternate way to do business?"

the institute says "Those are

the business resiliency, the continuity

plans that small businesses have to

have, and in the middle of the crisis is

not the time to find out I have a gap."

Cyber insurance

As the risk of cyberattacks increases

— particularly ransomware

attacks that can extract millions of

dollars to restore systems — companies

are increasingly opting for additional

insurance plans that can help

pay for damages and losses from

cyberattacks.

Demand for cyber insurance has

gone up in recent years, according to

providers and industry experts, driving

up premiums for those plans by

as much as 22% between 2019 and

2020. But for companies that can

afford it, it's a good way to not only

protect against damages but also

to keep them more vigilant against

threats in the first place.

'This is different': Why internet

backbone services are cutting off

Russia

Cyber insurance is becoming extremely

expensive, but also kind of

levying requirements on businesses

to make sure that they're covered

and protecting themselves as well

highlighting that insurance firms will

often have a list of questions companies

have to answer and protections

they must have in place to even qualify

for a plan.

But companies should be wary of

treating cyber insurance as the beall

and end-all of protection against

attacks, Evans warns. Companies

need to evaluate their risk and make

systemic changes regardless of

whether they're protected after the

fact.

It's not necessarily: 'Oh, I bought

cyber insurance and I'm done,'".

To complicate matters further

when it comes to Russian cyberattacks,

insurance companies often

have clauses making exceptions for

acts of war and attacks by nation

states, in which case the policy does

not apply.

Employee awareness

Although companies must protect

themselves at the network and system

level, past precedent shows that

attacks can originate from even a single

compromised device, account or

email address.

Three of the four pillars of cyber

protection that the Cyber Readiness

Institute urges companies to address

— weak passwords, external USB

drive usage and phishing attacks

(where hackers use deceptive links

to obtain personal data) — tend to

exploit individual users.

When you look across the board,

it's a culture change that has to happen.

No matter what the size of an

organization is — it's the leadership,

it's the CEO, it then cascades down

to all the employees."

Ultimately, many cyber vulnerabilities

come down to human error and

lapses in judgment, and that's why

companies need to raise awareness

among employees about cyberattacks

and steps to mitigate them. The

rise of remote work during the pandemic

has further complicated that

task, with distributed workforces providing

hackers with many more potential

entry points into the network.

May be it’s time to review your

preperations!

Steve Dickens

has worked in managerial and consultancy roles

for over 40 years with international technology

companies,15 of which have been here in

Thailand He can be contacted at

stevedickens@hotmail.com

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!