Experts call for more vigilance around cybersecurity
With growing incidents of cybersecurity breaches, tech experts are again calling on businesses to properly develop systems to counter attacks.
Noting that gone are the days when having only an antivirus solution was sufficient, managed IT services company tTech stressed that the time has come for local organisations to adopt a proactive approach to security, if they are to ward off serious breaches in the wake of a critical cyber event.
“The days of the traditional antivirus being sufficient on its own are long over. With technology growing and more people now doing business online, the attacks have also grown and the perpetrators are increasingly efficient at bypassing those traditional security methods,” tTech’s CEO Norman Chen and security team lead Jaleel Henry said.
“Just as homeowners invest in supplementary security measures such as security guards and gated communities, an organisation also needs multiple layers of protection,” they warned.
The experts, who noted rapid changes in the tech landscape over the last few decades, urged companies to move towards implementing advanced endpoint detection and response as well as a 24/7 security operating centre among its added layer of protection.
“Beyond the traditional antivirus, a good incident response plan as well as regular tabletop exercises to test that plan along with the patching or updating of devices frequently and having a security incident and event management (SIEM) solution are some of the basic cybersecurity measures that businesses need to have,” the experts said, further indicating that in the face of a recent spike in ransomware attacks, not having a proper cyber incident response plan, will only result in increased vulnerability.
“The reality is cyber criminals don’t care about the size of a company. They’re searching for companies by using artificial intelligence to make themselves more efficient, and any company that is not taking security seriously is an easy target,” Chen said.
For smaller businesses which may not have the capacity to build out an expansive IT security strategy, Henry also said that they ought to have an IT security strategy plan and security awareness training for their users at minimum.
“Companies need to look at their approach to security, and ensure that it is layered; they need to implement strategies and take appropriate measures to properly secure their data, their customer’s data as well as their employees’ data,” he said.
As the spate of cyberattacks continue to trend locally with Derrimon and the Financial Services Commission (FSC) revealed among the latest victims, the experts believe that with these added measures organisations will be better prepared to face the inevitable attacks on their cyber infrastructure. The measures they also deem very essential, especially as the country moves closer towards the December 1st Data Protection Act implementation date.
CEO of Derrimon Trading Limited (DTL) Derrick Cotterell, in recently updating shareholders about an attack on the company’s network which took place last month, said that efforts remain ongoing to further beef up the security posture across all operation of the business.
“The reality is that we’re now in an age where any business that is not ready for this will be in serious trouble. It’s not a question of if you’re going to come under attack but more like when,” he stated.
“Since the actors in our attack were international, we got a team from Israel assisted with a few experts from Trinidad to help us with restoring our operation so we’re now back up and we are putting some more measures in place to help us with curtailing future attacks. We have some back office stuff that we will be bringing up over the next two to three weeks as we continue to look at the architecture and to do more work so that we can fight off these attacks in the future,” he said during the company’s annual general meeting last week.