Authored By: Charlie Chan, Chief, Enterprise Business Group, StarHub
System breached. Data leaked. Crisis communications needed. That’s the scenario of a ransomware attack that many organisations dread. Unfortunately, it has also become a nightmare come true for some in recent years.
In 2020, 89 cases of ransomware attacks were reported in Singapore, according to the Cyber Security Agency of Singapore. This is a massive 154 percent jump from 2019. And the situation’s getting worse because 68 cases were reported in just the first six months of 2021.
Exacerbating this is the pandemic, which has resulted in many people working from home or in a hybrid work arrangement. Providing access to networks and critical data to support a remote workforce can expose enterprise IT infrastructures to greater security risks.
The cost of cyberattacks is high – disrupted or crippled operations, financial risks, legal liabilities, shaken customer confidence, and damaged reputation are just a few of the consequences.
Singapore’s government stepped up its action to protect personal data with the Personal Data Protection (Amendment) Act in November 2020. Under the act, organisations need to report a breach within 72 hours and face a financial penalty of up to S$1 million.
The truth is that attacks have become more sophisticated and harder to defend against, putting many networks at risk.
Agile and highly responsive security strategy is vital
How an organisation plans for and executes an IT security strategy is vital for business continuity. A key consideration is to have an agile and highly responsive security strategy.
The United States’ National Institute of Standards and Technology (NIST) provides a good cybersecurity framework listing five functions – identify, protect, detect, respond, and recover – to use when developing such a strategy.
Identify the business environment, hardware, and software on premise or in the cloud, cybersecurity policies and regulatory compliance, and vulnerabilities and threats to the IT infrastructure.
Protect critical infrastructure services that support the business and limit or contain the impact of a potential cybersecurity attack.
Detect anomalies and events that can lead to a cybersecurity occurrence in a timely manner.
Respond quickly to any detected cybersecurity incident to contain its impact.
Recover from any incident by restoring systems and services.
When developing a cybersecurity strategy based on this framework, it is worthwhile noting two trends.
Firstly, many organisations have shifted from on-premises to hybrid cloud IT infrastructure. This means that data and applications are no longer residing just physically in the data centre, and security has to be more than just an on-premises approach. It needs to be a hybrid protection strategy.
The second trend is that of Ransomware as a Service (RaaS). One does not need to possess slick programming skills to create ransomware. Malicious software is available as a service, making it readily available to anyone with ill intent. Anyone can purchase RaaS, steal data and sell it on the Dark Web.
Securing internet, cloud and private app
Organisations would do well if the following three things are provisioned to secure their networks at the edge, the points where users access the corporate network.
Secure Internet access. Organisations need to provide internet access to employees to do a host of activities such as browsing, research and communication. The typical security measures include proxy websites and URL filtering.
Secure SaaS access. Document sharing with internal and external parties is part of today’s way of working. Dropbox and Google Drive are among the file sharing platforms that make collaboration easier and work more efficient. Measures need to be in place to prevent these documents from being viewed, downloaded or stolen by unauthorised parties.
Private app access. There are applications that sit in the data centre or cloud that are open to employees and partners. This is an area that needs to be treated as a separate security domain.
Securing access to the internet, shared applications and private applications is essential to overall security strategy planning.
Regaining the upper hand
While it’s not necessarily a do-or-die scenario, having an agile and highly responsive security strategy can help organisations regain control of their networks.
From the number of reported cases, it is clear the army of cyber attackers is growing in number.
They have the upper hand in terms of deciding when to strike and how to strike. Strikes are known to take place over the weekends or nights when no or few employees are working. This drives home the message that your IT infrastructure must be defended even when nobody is around.
Organisations can counter the attack by being prepared, adopting a security strategy, and deploying security solutions that work for them. Here are the four steps to do so:
Start by developing a security strategy based on the NIST framework.
Turn to a trusted partner that understands your needs and provides solutions that address your challenges and protect your business. Choose a partner that has deep domain expertise and a proven track record, and that will be around for you in years to come.
Adopt a suite of security solutions. No single solution can tackle all of today’s complex security challenges. Go through your strategy and choose a basket of solutions that can provide complete protection for your network.
Recognise that implementing a security plan requires teamwork among colleagues and partners. Regardless of the size of your organisation or security team, working as a team will help you have a more secure network.
With a deeper understanding of security risks in a post-pandemic world, you will be able to develop a more comprehensive security plan to safeguard your organisation.