Hotel booking site RedDoorz recently fell victim to a large-scale data breach, exposing 5.9 million Southeast Asian users’ personal data, a majority of which came from its largest market in Indonesia. Ever since the pandemic accelerated digital transformation, so too have cyberthreat actors proliferated and went bolder in their attacks.
In order to prevent or resolve these threats, critical and timely decisions are required from businesses. Even in the most extreme situations, timing and execution can be just as vital as prevention and foresight. Trend Micro director of Global Operations and Managed XDR Jay Yaneza is a firm believer on this.
During a cybersecurity conference hosted free of charge by Trend Micro Philippines called “Decode 2021”, a gathering of experts with different roles in the cybersecurity industry discussed the relevant topics surrounding the cyberthreat landscape. During his keynote sessions, Yaneza reminded participants that effective prevention is a cycle and offense should inform defense.
“The data defines how the threat actor may have got a foothold. The data also defines how it could be used against your organization. The amount of data taken is also relevant to the amount of dwell time that threat actors may have been in your environment,” he warned.
Trend Micro predicts that remote work poses a great challenge for enterprises since the introduction to cloud environments and the use of new collaboration tools will make security even more critical. Threat actors will likely target the underlying vulnerabilities application programming interfaces, software intermediaries that directly interact with service and software deployment, Internet of Things, and customer applications.
“Metrics should measure strategy. It should not only be owned and mandated by a single team within the organization, it should be spread across the organization. IT staff should make sure they are measuring the right things because these decision points will come to bare after the incident,” Yaneza advised.
The other three keynote sessions were delivered by FBI Cyber Division Intelligence Analyst Lauren Seawright who explained the trends in how Philippine companies are fighting against attacks, Cybercrime directorate of Interpol Global Complex for Innovation (IGCI) and Interpol’s head of Cybercrime Intelligence Unit Shane Cross who discussed the role of Interpol’s cybercrime division in helping curb cybercrimes executed around cryptocurrency and healthcare, and Meralco’s VP and Group chief information security officer (CISO) Mel T. Migriño.
