It’s long been documented that Asian organisations are still among the most poorly protected when it comes to cyber threats and attacks. With disposable incomes continuing to rise, the region has an extremely high financial transaction rate, yet individuals and organisations in Asia are 80% more likely to experience cyber fraud than those in other parts of the world. Malicious ransomware and malware hacks to companies are commonplace in the region because of lack of detection and provision methods and this trend doesn’t look like stopping.
While some industries traditionally have higher impetus to invest in cybersecurity, such as banking and finance, other organisations still don’t consider online security as an integral business function. A mind-set that has to change as digital data becomes even more pervasive. Hackers steal an average of 3.7 GB of data per attack, amounting to tens of thousands of documents containing confidential information. To make matters worse, many Asian countries have relatively lax punishments for cybercriminals. These factors add up to hacking incidents that can affect a business’s financial records not only in Asia, but also in Western countries. In 2015, hacking cost Asian businesses in the region of US$81bn.
When improved cybersecurity ensures compliance
Appropriate security measures can also help Asian businesses navigate the national and local regulations that often vary hugely from country to country in ASEAN – ensuring they are compliant from the very start . It is key that businesses abide by existing regulations, even when a country is in the middle of drafting or changing legislation.
Cybersecurity measures help any organisation stay safe include notifying partner institutions such as banks and lenders when breaches occur; requesting assistance from governmental agencies where appropriate; and providing an appropriate level of defence to insider attacks, particularly with those that are unintentional. Companies that have been, or anticipate being hacked, can also set up triggers and monitors to track where malicious behaviour occurs, how much data is accessed and the time that the attack was conducted. This helps law enforcement agencies create a profile of the hacker and either stop them in their tracks or potentially convict them of the crime later down the line.
What steps should I take?
If you are an entity that does business in Asia, consider designing a cybersecurity with multiple levels that closely aligns your strategy with that of your business partners. This can be tricky as they may need to be compliant with different government regulators. Also, consider spending more on everyday monitoring and detection, especially of internal threats. Lastly, keep government and law enforcement agencies up-to-date on your efforts and how well they are performing. This enables police and legislators to assist you in creating strong laws and penalties against cybercriminals.
While many Asian companies are now taking cyber threats very seriously, many are still defenceless and open to comprises.
Through the combined effort of businesses, financial institutions, law enforcement agencies and lawmakers, we hope to see a higher rate of success in preventing cyberattacks in Asia in 2017.