If you look at the world’s biggest data breaches and hacks, it highlights how cybersecurity has become a global phenomenon and that every individual is at risk.

As the world moved towards a hybrid workplace, Singapore quickly experienced a staggering 145 per cent surge in cyberattacks, with an average of 1,123 organisations in the manufacturing industry alone facing an attack every week last year.

According to Proofpoint’s annual Voice of the CISO Report, hybrid working policies and cloud tools made organisations more agile and resilient. But it also made them more vulnerable to cyber threats. For example, as much as 44 per cent of CISOs in Singapore are reportedly seeing more targeted attacks in 2022 since enabling widespread remote working.

Ransomware, supply chain attacks, personal information leaks, and crypto exchange hacks are widely recognised as the most frequent attacks in the region. As a result, the report unsurprisingly revealed that the region has a much higher risk perception of 64 per cent compared to the reported global average of 48 per cent. But how did we get here?

Why is the number of cyber-attacks increasing in Singapore?

The increment of the attacks results from two areas. The first aspect is that cybersecurity is growing in complexity more than ever before. More systems and processes are digitised via software solutions as we progress towards a more digitally connected region. As a result, more software means more vulnerabilities, which also implies the possibility of an increased number of attacks.

New software developments and delivery paradigms have led to the rise of further attacks, for example, software supply chain attacks grew by 300 per cent last year. These attacks typically target open-source and third-party software that technology teams often use as building blocks for their own systems.

The advent of cryptocurrency has made cyber-attacks more profitable. We increasingly see ‘ransoms’ demanded and paid for without traceability. Cybercriminals who have received ransom payments in cryptocurrency are increasing their funds and resources to launch even bigger attacks on critical infrastructure.

Also Read: Best cybersecurity practices for startups to stay ahead of the curve

The second aspect is the inconvenient truth that although cyber-security awareness is growing, it’s struggling to keep up with the pace at which the landscape is evolving. For example, when faced with a phishing attack, most people now know that they should always check the sender before responding to an email or message. But the recent OCBC phishing scam highlighted that attackers were one step ahead by assuming the bank’s identity.

Although most organisations understand the cyber risk, robust cyber security doesn’t come for free or cheap. It can be challenging for boardrooms to see the value of signing off another project.

But news that even the Singapore government is increasing its cybersecurity allocation from 2.4 per cent to 8 per cent of its IT budget shows things are beginning to change. Unfortunately, the bad news is that there is also a big gap for cybersecurity expertise between the supply and market needs, making security goals hard to reach.

Prevention is always better than cure

According to a recent threat landscape report by CyberArk, around 80 per cent of organisations in Singapore experienced ransomware attacks last year. To prevent these challenges, enterprises need to address the issues discussed in this article, and it doesn’t have to cost a small fortune.

For example, raising awareness and promoting cybersecurity training and education is one of the simplest yet most effective ways of improving security.

Security teams that set up processes on a national and global level will help enhance the cybersecurity knowledge of Singaporeans. In addition to this, the adoption of automatic tools can help teams keep up with the fast pace of software development. It’s also becoming imperative to augment the gap posed by limited security experts. But the bigger question is, what are the best tools?

Opting for the best tool in the region

While training, awareness, and other initiatives will deliver results over time, organisations should be taking charge of security by leveraging easily accessible, state-of-the-art tools built on sound scientific research.

For example, Thompson, Scantist’s Software Composition Analysis tool, is one such option trusted by multiple government agencies and businesses.

These tools provide greater visibility over building blocks such as open-source and third-party components used by software teams.

Also Read: There is a concerning lack of cybersecurity talent. Here’s how to tackle it

In doing so, it enables them to monitor and mitigate software supply chain security risks closely. As a result, this approach can play a critical role in reducing the risk of data breaches by as much as 25 per cent.

Businesses large or small can seamlessly integrate the solution into existing software development and delivery workflows and receive customised security reports based on their internal risk assessment and external compliance needs.

Some of these solutions often include a free tier allowing enterprises to explore the capabilities on offer before worrying about securing a budget for features that they might not need.

The journey towards a cyber-safe nation

While increased investment in cybersecurity measures is needed, it’s not a problem that you can throw money at and tick a compliance box. Instead, our journey to becoming a cyber-safe nation for all begins with smaller steps such as building simple processes and using easily accessible security tools.

Raising awareness and the promotion of cybersecurity training and education remain critical. When combined with the right tools, it helps businesses minimise hacking incidents without overloading their technology teams or costing a fortune.

These suggestions are just a handful of tips that make up the bare minimum needed in a fast-evolving and increasingly complex cybersecurity landscape.

For enterprises of all sizes, a cyber incident and a subsequent loss of reputation and shareholder value are inevitable. There is no avoiding the fact that cybersecurity has become everyone’s business, and if you are not part of the solution, you are part of the problem.

So, what role will you play in building a cyber-safe nation?

–

Editor’s note: e27 aims to foster thought leadership by publishing views from the community. Share your opinion by submitting an article, video, podcast, or infographic

Join our e27 Telegram group, FB community, or like the e27 Facebook page

Image credit: Canva Pro

The post How to progress towards a cyber-safe nation appeared first on e27.