Cybercrime is one of the top risks impacting businesses of all sizes across the region. How must they respond?
Every October is Cyber Awareness Month. A time where government cybersecurity agencies and private sector service providers ramp up their efforts to raise awareness about the importance of cybersecurity, while promoting safe online practices for individuals and organisations.
This year is the first time that cybertheft globally will exceed US$10 trillion annually. This is a landmark number, and one that reminds us of just how big a problem cybercrime has become. By comparison, this number equals the combined annual GDP of India, Japan, and South Korea. Only the economies of China and the US are larger.
With cybercrime one of the market’s top risks for Asian businesses and government entities, here are eight tips to help them stay clear of current online crimes.
1. Every organisation is vulnerable
Today, the Asia-Pacific experiences over one-third of global cybercrimes, underscoring its importance to global supply chains, manufacturing and technology. Yet despite its burgeoning economy, the region is more vulnerable than more mature markets in the West. Digital transformation, which is moving at pace across the region, is a large driver behind these numbers: in many of Asia’s emerging markets for example, first-time bank customers are preferring mobile banking over traditional, in-person ‘bricks-and-mortar’ bank services.
Fast-moving digital transformation agendas are more often than not, accompanied with rapidly proliferating cyber risks. Organisations of all sizes and industries are targets. Reportedly, 43% of cyberattacks in Southeast Asia earmark small- and medium-sized enterprises (SMEs).
In spite of these facts, most business owners and executives are unaware of just how vulnerable their organisations are. Recognition that all organisations are indeed vulnerable is a good first step to staying clear of cybercrimes.
2. Understand your cybersecurity exposures
We have found that many Asian companies have been slow to implement cybersecurity systems and processes. Cost remains a noteworthy constraint, with many proven Western cybersecurity solutions priced highly. And while some local solutions offer comparable levels of security and supporting services, many do not.
There is also the challenge of integration: it is well known that some of the largest names in the space aren’t the best at everything, prompting cybersecurity professionals to purchase niche ‘best-of-breed’ solutions from local vendors. However, these solutions often create resiliency gaps, which can be exploited by cybercriminals.
Then there are the issues of remote working and staff churn. Keeping on top of multiple devices can be extremely laborious for cybersecurity teams. The removal of inactive users and setting up of new ones are also highly time-consuming. Plus, software support may end, meaning there are no more updates, bug fixes or technical help, making programmes further vulnerable to cyberattacks.
3. Outsourcing can bolster resilience, but won’t remove all risks
Organisations may choose to outsource their cybersecurity operations to a third-party vendor that brings industry experience, expertise and capability. However, outsourcing such a service may not prevent a cyberattack.
Indeed, some of the past year’s largest cyber breaches have involved third-party vendors who were entrusted to keep their clients’ data and IT systems secure. And while there needs to be accountability from these providers, ultimately, cybersecurity remains the responsibility of organisations that hire them.
Furthermore, Western cybersecurity vendors often don’t have the appropriate servicing models for Asian organisations. Many aren’t able to service clients in local languages, which can be problematic in markets where English is not widely spoken. Providers may also not have an on-the-ground-presence, which can also be challenging as well, particularly when inspecting and installing hardware, or when cyberattacks strike.
4. Invest in local, experienced talent
One of the main drivers behind outsourcing is today’s talent shortage. Talent that has experienced a cyberattack, knows how to react to one when it strikes – and is adequately experienced to mount a successful response – is in low supply.
In addition, outdated training, costly certifications and job stress tend to discourage professionals from undertaking senior positions. Organisations that invest in local, experienced talent that understand on-the-ground nuances, stand a far better chance of avoiding cyberattacks.
5. Be wary of attack sophistication
The tactics, techniques, and procedures (TTPs) of threat actors are becoming increasingly diverse and deceptive. Plus, they are targeting all levels within an organisation. Despite TTPs and targets, almost all cyber criminals are motivated by money in one way or another.
Some are also motivated by intellectual property theft as well. This is particularly the case with state-sponsored advanced persistent threats. Cybercriminals overall are also interested in creating political instability. By taking out critical infrastructure for instance — like energy, water, transportation, and telecommunications facilities — this could undermine publicly elected officials who are responsible for the delivery of these services, and in turn sway public opinion to alternative candidates.
6. Identify and fix framework weaknesses
Although weaknesses usually appear across risk identification, protection, detection, response, and recovery; attack response is overwhelmingly where most organisations fall short. Time and again, organisations are underprepared when a cyberattack strikes. Most businesses are unable to continue operations and service clients, which leads to reputational damage, and ultimately, loss of revenues.
Fortunately, there are a handful of measures that these organisations can take to better protect, detect and respond to cyberattacks. Installing multi-factor authentication is one such solution: it is universally acknowledged that single factor approaches like passwords are highly susceptible to being hacked. A comprehensive endpoint detection and response solution, which is widely implemented throughout a network, is another measure, as is the ability to deploy cybersecurity software on all devices. Lastly: ensure you have robust back-up systems, as hackers typically look to destroy these during an attack.
7. Include insurance as part of your cyber resilience strategy
The financial and reputational damage caused by a single cyber breach can be highly damaging to organisations. When they strike, many companies — especially smaller ones — struggle to stay afloat.
Fortunately, there are numerous QBE Cyber insurance policy coverages that can support businesses when attacks strike, including:
- Network security and privacy liability, which provides protection for legal costs and damages from data breaches, privacy violations or security failures.
- Business interruption, where compensation is made for lost income due to a cyber event, and third-party forensic accounting costs.
- Cyberattack response and recovery costs that include event costs, system restoration, forensic investigations, crisis communications and legal costs, data restoration and bricking.
- Network extortion and ransomware, covering ransom payments, negotiation costs, and system recovery.
- Reputation and brand damage, providing protection for reputational harm and related financial losses due to a cyber event.
- Social engineering and fraud, covering losses caused by deceptive tactics like impersonation-based and business email compromise payment fraud, invoice manipulation, funds transfer fraud, and telephone scams.
- Regulatory investigations, where the costs relating to privacy or data protection investigations are reimbursed.
- Online media liability, which provides protection against claims related to digital content.
- Emerging threats, covering cryptojacking, betterment expenses, and emergency costs.
- Reward fund reimbursements, for rewards paid to individuals who provide credible information that helps solve a cybercrime.
8. When a cyberattack strikes, seek support immediately
Having a wide variety of support services on hand when an attack strikes is critical. The sooner these services are deployed, the quicker the damage can be rectified.
As part of our client incident response offering, QBE provides a 24-hour emergency hotline for its policyholders, granting them access to a network of specialised cyber and data security experts, as well as lawyers, communication specialists and others needed to respond to attacks.
In addition, we provide a complimentary client service offering via our in-house team of cyber specialists who are on hand to proactively assist our clients with their cybersecurity resiliency needs before an incident hits.
To learn more about QBE’s cyber coverage in Asia visit https://www.qbe.com/cyber/cyber-services. For organisations interested in Vietnam’s cybersecurity landscape, I would encourage you to visit my colleague’s Nhan Tran’s article here.
