CYBERSECURITY continues to be a top concern in Malaysia. Many organisations are vulnerable to cyberthreats like malware, phishing and ransomware as they do not have proper cybersecurity measures in place.
In the past year alone, Malaysia had suffered multiple cyberattacks. These include the theft of personal data of 22.5 million people from a national registry and a payment gateway data breach.
Most recently, a group of hackers broke into a payslip system and extracted nearly two million payslips and tax forms, amounting to 188.75 gigabytes of data.
Despite these alarming real-life cases, many organisations are still lagging in building strong cybersecurity for the workplace that protects both companies’ and employees’ data.
According to Sophos’ Future of Cybersecurity in APJ 2022 research, there is a lack of cybersecurity awareness across the Asia Pacific and Japan; many businesses assume they will never be attacked.
The State of Ransomware 2022 report, published by Sophos, revealed that 79 per cent of local organisations were attacked by ransomware in 2021, which is significantly higher than the global average of 66 per cent.
According to the Malaysia Cyber Security Strategy 2020-2024 report, the country may face economic losses of up to RM51 billion due to cyberthreats.
In such a vulnerable environment, curated detection and response tools, strategic plans and cybersecurity awareness initiatives are needed to prevent this from happening.
CLOSING CYBERSECURITY GAPS
Cyberattacks not only pose a serious threat to businesses, but also impact revenue, brand reputation and consumer trust.
Hence, there is a need to implement always-on security operations.
Cybersecurity-as-a-service provides a range of services to mitigate security risks as well as improve security measures and threat intelligence across a wide range of industries.
It is an outsourced model of cybersecurity management, allowing access to multiple cybersecurity resources with different areas of expertise.
For example, Sophos Managed Detection and Response (MDR) helps organisations to better detect and remediate attacks.
Taking an active monitoring approach, the Sophos MDR operations team can quickly identify the who, what, when and how of an attack, then respond to threats across customers’ entire ecosystems within minutes.
TAKE ACTION BEFORE IT IS TOO LATE
To help businesses safeguard themselves, here are some best cybersecurity practices, according to Sophos:
1. Switch from a reactive to a proactive approach
Once an attack is obvious, it is often too late. Businesses need to assume that they are compromised and hunt for threats.
2. Monitor for early signs of compromise
Two things stand out as early indicators of compromise — one is the use of credentials for remote access/administrative purposes during off-hours; the other is the abuse of system administration tools to conduct surveillance.
3. React as quickly as possible
When an organisation is under attack, every second matters.
4. Invest more in awareness and education at all levels
Business executives must pay heed to cybersecurity as well as educate employees and leaders to undergo cybersecurity training.
5. Ask for help
It is okay to ask an expert for help. The threat landscape is too complex and changes too quickly for anything, but an MDR service has multi-vendor security capabilities to successfully defend against attacks.
Sophos MDR provides 24/7/365 ransomware and breach protection services. It is delivered by experts who detect and respond to cyberattacks on businesses’ behalf.
Learn more about Sophos MDR here.
© New Straits Times Press (M) Bhd
