Securing a Digital Future
Not even the tech giants are immune to being hacked, said industry experts at a SGInnovate panel that discussed how security can be beefed up in cyberspace.
How much of a security risk are we putting ourselves in when booking an Uber taxi, or shopping online with a credit card? A great deal, potentially. From consumer data breaches to crippling malware attacks, cyber attacks are now compromising the privacy and bank accounts of millions of unsuspecting individuals around the world.
US credit reporting firm Equifax is still reeling from a massive cybersecurity breach in September 2017 that affected an estimated 143 million customers. The exposed data included names, addresses, birth dates and Social Security numbers, in addition to more than 200,000 credit card numbers.
Equifax isn’t the only corporate victim of internet crime—although one would point out that consumers are the real victims here—tech giants like Uber and Yahoo have not been spared from breaches of similar scale.
Dealing with cyber threats like these requires close collaboration between all stakeholders in the cybersecurity ecosystem, said six industry experts at a panel discussion on cyberthreats resilience.
The panel was moderated by Ms Padmini Pandya, Director of Strategy for the Asia Pacific and Japan at software company Citrix, and consisted of Ms Lim Bee Kwan, Senior Director of the Government Infrastructure Group at the Government Technology Agency of Singapore; Ms Kara Sadybakasova, Co-founder and CEO of cybersecurity software startup IOTsploit; Mr Anthony Bargar, Managing Director at US-based Cyber Security Consulting Group; Mr Chirayu Wadke, Partner at venture firms SeedPlus and Jungle Ventures; Dr Paul Lothian, Director of Cybersecurity at professional service company KPMG; and Mr Ganesh Narayanan, Senior Manager of Cybersecurity at Accenture.
Defence as the best offence
Singapore’s cybersecurity report card is, at present, not too shabby, said Mr Wadke, who estimated that the city-state is around 25 years ahead of her peers.
Singapore is a beacon of cybersecurity in Southeast Asia, while other nations are still lagging behind. With growing seed funding and a number of accelerator organisations, Singapore’s cybersecurity ecosystem is already beginning to nurture innovations.
Mr Wadke (third from right) believes Singapore is ahead of other SEA countries in the area of Cybersecurity
However, being ahead of the curve is no reason for complacency. The Singapore Government, for its part, is working to improve proficiency in cybersecurity across the workforce.
“The Government is partnering with researchers in academia and in the private sector to address security challenges faced by businesses and society by having a pipeline of talented professionals. This is to prepare the entire ecosystem for Smart Nation, and depends very much on the response of the public to our initiatives,” said Ms Lim.
With a five-year budget of S$130 million dollars set aside by the Singapore Government, she highlighted how the National Research Foundation of Singapore is stewarding partnerships dedicated to cybersecurity under its research and development programme. Local universities will also conduct cybersecurity learning modules under the auspices of the Info-communications Media Development Authority. Even the relevant vocations in the Singapore Armed Forces will be trained in cybersecurity technology to bolster military intelligence, she shared.
Small steps towards big solutions
Dealing with cyber attacks can feel like a lot like playing a game of Whack-a-Mole: put one to rest, and three new ones pop up elsewhere. When it comes to addressing this ever-changing roster of cybersecurity threats, startups are particularly well placed to innovate, said the panel.
Dr Lothian said,
Combating threats involves a mixture of using what companies already have, and verifying and dealing with new risks. As such, big vendors in the market do not always have all the answers to new threats, and this carves out a nice market for cybersecurity startups.
But even as the cybersecurity industry welcomes new startups, the corporate credibility that customers often associate with big firms will take time to develop, said the panel.
Based on the experience of starting her own company, IOTsploit Co-founder and CEO Ms Sadybakasova spoke encouragingly about how new businesses can earn corporate trust by partnering with larger brands or companies that have engaged their services. A win-win situation thus develops, whereby startups begin to build up a portfolio of reputable clients, while large enterprises can leverage the flexibility of startups to quickly patch cybersecurity loopholes. She said,
This is a common model—co-investments between big firms or banks and smaller startups to try and develop proof-of-concept solutions to real problems, which may later be developed into fully-fledged commercial contracts.
Vigilance at all times
In today’s highly connected cities, cybersecurity threats can come from any corner. The panel recalled incidents such as how Google’s Australia headquarters was hacked by way of its building management system, or how misconfigured surveillance cameras may also lead to security breaches.
Companies can consider engaging external consultants to identify and fix vulnerabilities in their information systems, Mr Bargar said. “Cybersecurity firms can provide a third-party standpoint to evaluate how technology is used and help apply it optimally to critical systems and individuals involved in a business.”
Mr Bargar (third from left) speaks about engaging external consultants to identify and fix vulnerabilities in their information systems
But not everyone can afford to call in the experts. Here’s where creating a culture of awareness and breaking down traditional silos within organisations can also help to limit internet crime, said Mr Narayanan, who emphasised that cybersecurity is not just the job of IT personnel.
“There is a need for effective communication across different departments of an enterprise, and for recognising that cybersecurity is no longer just an IT issue. Instead, it requires management effort from every tier of the business.”
Besides cybersecurity, SGInnovate frequently holds talks, workshops, and industry panel discussions on a wide range of deep tech topics such as AI, blockchain and Med Tech. See all of our events here and join our community to be the first to know about all our latest happenings!
Share this with your network!