
Technologies such as artificial intelligence, autonomous vehicles, cloud computing and data analytics were already transforming businesses before the COVID-19 pandemic. Last year, many organisations had to pivot quickly to meet every aspect of digital transformation and found themselves in a dilemma: while remote working brought much convenience and efficiency, it brought to light various operational, legal and compliance issues for organisations that have neglected cybersecurity risks.
In Singapore, about eight in 10 organisations – in public and private sectors – have attributed a rise in cyber attacks to work-from-home arrangements. In fact, this trend is reflected across the world.
The National Cyber Security Centre in Switzerland, for example, reported a surge in cyber attacks on companies in April 2020 when the COVID-19 crisis started to intensify. There were over 350 cases a week that involved phishing and direct attacks, a threefold increased from pre-pandemic days. Deloitte also reported that more than half a million video conferencing users worldwide had their personal data stolen and sold on the dark web between February and May 2020.
As the world fought to control the pandemic, governments and organisations also grappled to contain and thwart cyber attacks to sustain the new digital ecosystem. In this new normal, we see more organisations adopting these three key strategies – just as we have – to increase cyber resiliency and improve their cybersecurity posture:
- Accelerate the education of the workforce to raise awareness of cyber threats
- Innovate and deploy critical solutions to combat ever-evolving cybersecurity challenges
- Build deep expertise in cybersecurity capabilities to eliminate increasing sophisticated attacks
Accelerate awareness of cyber threats
Much like how the fight against COVID-19 is everyone’s responsibility, the first line of defence against cyber threats has to be the workforce which, across many industries, is now further dispersed and operated remotely. The priority for such organisations has to be levelling up the awareness of employees and their resilience against cyber attacks from phishing email attacks, the most common and successful breaching method.
At ST Engineering, we accelerated such awareness through continuous and collective initiatives such as cybersecurity awareness courses and phishing exercises to heighten employees’ awareness of potential attacks on our network and email accounts. Additionally, we conducted Cybersecurity by Design courses to equip our engineers to incorporate cybersecurity into their design and development instead of treating it as an afterthought.
Cybersecurity solutions to combat ever-evolving threats
There is no standard cybersecurity solution, as threats are always evolving. What are the critical cybersecurity solutions that organisations need to improve their cybersecurity posture?
- A sure way for any organisation to start bolstering protection is to secure endpoints, network and storage with encryption products, such as our DiskCrypt, NetCrypt, and Cross Domain products, that meet international certification standards under Common Criteria (CC) and fit seamlessly into any operating architecture.
- Large enterprises may require a Cybersecurity Operations Centre (SOC) equipped with customised decision-making dashboards, threat intelligence search, and cyber-attack threat rules to protect them. As the industry leader that has implemented about 20 SOCs for national, defence, public security and critical information infrastructure (CII) customers over the last decade, we were able to harness our experiences to help our organisation and our customers to design, build and operate resilient and effective SOCs.
- In critical sectors such as transportation, energy and utility, recent cyber attacks have given rise to Operational Technology (OT) Cybersecurity demand. With the convergence of IT, OT and Internet of Things (OT/IoT), and also the close synergy between Network and Info-security, ST Engineering has merged our Enterprise Systems with Cyber to enhance our capabilities in designing, implementing, and managing software-defined networks and large-scale network systems. This synergy allows us to strike an optimal balance between performance and security orientation. Today, we also have a team that specialises in OT cybersecurity to meet the increasing demand to protect the Industrial Control System (ICS) and IoT environment.
Building deep expertise
For any organisation, improving cybersecurity posture requires a highly experienced team and partner.
At ST Engineering, we have been focused on contributing to Singapore’s efforts to growing the cybersecurity talent pool, training cybersecurity professionals and nurturing an operationally ready workforce with relevant skills. Our ST Engineering Cybersecurity Academy has trained more than 2,000 cybersecurity practitioners in over 150 government agencies and commercial enterprises both in Singapore and overseas. We also team up with education institutions in Singapore, such as the Institute of Technical Education, to train tertiary students and equip them with relevant skill sets and valuable hands-on learning experiences in purpose-built cyber facilities.
We believe that these three key strategies will build the necessary cyber resilience for organisations to be better equipped to guard against increasingly sophisticated cyber attacks and secure what matters to these organisations even post COVID-19 pandemic. If you would like to learn more about our cybersecurity capabilities and solutions, I invite you to watch this short video to find out more or to contact us directly.