Every industry vulnerable to data breach, say IBM security execs

By Espie Angelica A. de Leon

Top regional IBM officials have stressed that with the onset of the Internet of Things (IoT) and digital living, any industry is now vulnerable to attacks and therefore data security is imperative at every level.

Photo shows IBM Security global vice president Rashmy Chatterjee (left) and IBM Singapore vice president for cybersecurity Paul Garvey

IBM Security global vice president Rashmy Chatterjee, along with IBM Singapore vice president for cybersecurity Paul Garvey and other IBM security experts, sat down with members of the media from the Asean region to discuss cybercrimes and defense technology during the 2018 Think Asean conference held on May 8-9 at the Resorts World Sentosa Convention Center in Singapore.

According to Garvey, the finance and healthcare sectors continue to be the most prone to ransomware and other cyber threats. “But the gap is closing,” he warned. “Other industries are catching up. It tells us that data risk is particularly important for the bad guys to go after and to leverage.”

Chatterjee agreed. “Hackers will go where consumer data is. Everyone has banking records so that’s obviously very attractive. Everyone has health records. Increasingly, a big part of the world has retail digital records. So that is also a very attractive sector.”

Energy, utilities, and telecommunications are at risk as well since a lot of people now pay their bills online, according to Chatterjee. “But today,” she said, “every industry is vulnerable.” In fact, small and medium enterprises are just as prone to ransomware attacks as large businesses, IBM’s security experts stressed.

Chatterjee added that since data security is now imperative across industries, government regulation, and compliance policies are important in driving a secure outcome for these industries.

When in the past, companies made sure they had identity, data, mobile, network, and infrastructure protection against possible breaches, now they are refocusing their strategy.

“There is a consciousness that however hard you work, chances are at some point you’re [going to] get breached,” explained Chatterjee. “So the focus has to be ‘okay, when you get breached, how well are you equipped to react? How well are you equipped to understand there’s a breach? How quickly are you able to go through loads of data to understand where your biggest threats are? What are the process changes that need to be understood? What is the press and communication strategy for this? How do you get the business back on track? Of course you [want to] be secure but you also need to continue business.”

Citing the massive cyberattack launched on multiple National Health Service (NHS) facilities across England, including four London hospitals in 2017, Garvey lamented that it took the facilities weeks before they can start recovering.

“What was really a very simple attack using a very old ransomware could cripple many aspects of the different healthcare providers in England. So you’re not talking about especially sophisticated attacks that can drive significant disruption,” he elaborated. “It’s that fairly basic attacks are being exploited – that’s the most worrying thing from my perspective.”

The cyberattack, the largest in NHS history, rendered computers at the facilities and medical records inaccessible to medics as the hackers demanded for ransom.

“So our job, and our other vendors and other security providers, is to make sure that we’re working with these organizations to put in place appropriate measures,” said Garvey.

With Chatterjee and Garvey at the media discussion were Michel Bobillier, program director and global leader of Security Tiger Team, IBM Switzerland; and JC Broido, vice president of IBM Security, Asia Pacific.

Think Asean gathered IBM officials and employees around the region, partners, clients, and the media for insightful discussions on new technologies such as AI, IoT, and blockchain. The highlight of the event was the signing of the Memorandum of Understanding (MOU) between IBM, AI Singapore, and Temasek Polytechnic to signal the start of a collaboration that will strengthen Singapore’s AI capabilities and digital economy.

Comment on this post