PETALING JAYA: While the government has taken steps to enhance defences, the onus is on users to protect themselves against threat of data breaches, according to cybersecurity experts.
Kam Fei Yoon, vice-president at IT ecosystem distributor Tec D Malaysia, said the national scam response centre has been quite efficient in managing security needs.
He said a new legislation to cover cybersecurity to be tabled in parliament in March 2023 would take the country another step forward in enhancing online safety.
However, the threat continues to loom large, especially for businesses. Failures in cybersecurity have not only led to data breaches but also financial losses.
Over and above that, there is the additional expense to beef up security. Added up, the costs are staggering.
Research shows that in 2021, a company whose data had been breached suffered losses of an estimated RM340,000. Such an unforeseen financial setback could run a small company to the ground.
The problem is not unique to Malaysia. In just the first six months of 2022, there were 11.3 million web attacks against small and medium enterprises (SMEs) in the Asean region, general manager for Southeast Asia at Kaspersky Yeo Siang Tiong said.
According to Cybersecurity Ventures, a publication that focuses on cybercrimes, the financial losses resulting from breaches in online security globally would reach US$10.5 trillion (RM48 trillion) in 2025, up from US$3 trillion (RM13.7 trillion) in 2015.
Apart from the financial losses, the theft of sensitive data compromises security, trust and credibility qualities that make or break a business.
Not surprisingly, the user is partly to blame. An innocent-looking email with a link is all that is needed to open the door to a company’s private data for the attacker.
Kam said 91% of all cyberattacks start through phishing email. Given that a person receives an average 100 emails a day, it is easy to see how vulnerable a company can be.
Such threats have given rise to a very lucrative business.
For instance, the global email security market is expected to reach RM52.2 billion by 2030, accounting for a compound annual growth rate (CAGR) of 13.1% from 2020.
Over and above that businesses have already spent about US$170 billion (RM767 billion) this year on cybersecurity, according to NT Business Consulting and Training, an establishment that promotes openness by public agencies and data privacy for individuals.
Nonetheless George Mathews, the security compliance analyst and data protection officer at NT Business, said the incidence of ransomware assaults continued to rise.
Small companies remain the weak link in cybersecurity. They have little to spend on measures to beef up their defences, yet an increasing number of them are now digitising their businesses, Kam said.
SMEs also serve as subcontractors to big companies, making them the ideal conduit for cybercriminals to reach bigger enterprises.
Many ideas have been put forward to enhance cybersecurity.
Kam said companies could invest in cyber awareness training for their workforce to reduce the incidence of attacks coming through email.
Chin Chee Seong, the SME Association of Malaysia secretary-general, said the government should offer grants to SMEs for subscription to cybersecurity management services, and make it a mandatory requirement for all SMEs to attend workshops.
He conceded that the SME Association has yet to receive serious complaints about cybersecurity breaches but pointed out that some companies might not want to make their security problems public.
Cyberspace will always be a dangerous place. Cyber criminals lurk everywhere and, as Kam put it, they do not discriminate.
However, he said, any trade-off between usability and security is also unacceptable. “We need the right balance,” he said.
But, as Yeo of Kaspersky pointed out, the onus is ultimately on the user to protect himself and his company.
Source : https://www.freemalaysiatoday.com/category/business/2022/11/17/self-defence-key-to-safety-in-cyberspace/