What Singapore organisations must do when they get cyber threats

It is a common tendency to take things for granted until it is too late, and the same can often be said for managing cybersecurity. Organizations frequently overestimate the capabilities of existing systems and many rely on first generation technologies and static defense systems that are insufficient in defending against today’s targeted and sophisticated cyber threats.

The Singapore government is keenly aware of the need to improve security measures among businesses and has recently launched the five-year National Cyber Security Masterplan 2018, aimed at providing overarching strategic direction to aid both the government and organizations in developing a stronger resilience against such attacks.

The tactics employed by attackers today are highly sophisticated and many are designed to bypass the static defenses that organizations have in place to combat these attacks.

Consequently, traditional detection methods may no longer be sufficient in mitigating such risks, which further reinforces the importance of adopting a new approach to security.

To cope with today’s relentless attacks demands a threat-centric model of security that lets defenders address the full attack continuum across all attack vectors and at all times – before, during, and after an attack.

Based on broad visibility and continuous analysis of malware and attacker activities, this model allows defenders to be far more effective even if an attacker gets in.

Here are three simple ways to help ensure your business remains vigilant and ready to fend off potential attacks:

1) Understand the current face of threats

The nature of cyber attacks is constantly evolving, and it is essential for organizations to adapt their security measures accordingly. It may not be possible to keep track of every single attack and the motives behind them.

However, there is a need for organizations to shift their security postures and invest in technologies that offer context-aware security and continuous protection that will aid them in their ability to remain a step ahead of attackers.

2) ‘What can we do differently’ versus ‘What now’

Retrospective security is a big data challenge, a capability that few are able to deliver and an essential component when adopting a threat-centric approach to security. By determining the scope of outbreaks, it contains them and ultimately turns back the clock to automatically remediate the threat.

With retrospective security, compromises that would have gone undetected for weeks or months can be identified, scoped, contained and cleaned up rapidly.

3) Reposition and adapt capable solutions

It is of utmost importance for organizations to review existing defenses to remain sufficiently protected against cyber threats. Understandably, any initiative to adopt a new security model is likely to be fraught with challenges, as it is not easy for such a significant change to occur overnight.

The technology is here to make it happen. However, this is not only a technology problem; this is a people and process problem as well. Mindsets need to shift. Organizational structures need to be redefined.

It is no longer a matter of if, but when the attack will occur. Businesses need to remain vigilant at all times and make a constant effort to beat the attackers in their game. Only then, will they be able to fight back against the rising surge of cyber attacks.