VN firms reluctant to share information on cyber attacks
After facing cyber attacks, many businesses tend to conceal the fact and do not share technical information on the incident, even though cyber assaults may carry lessons for other firms hoping to avoid similar problems.
|Robert Trong Tran, leader of cyber security services at EY Consulting Vietnam, shares information at the seminar|
According to the workshop, titled “How threat intelligence sharing can help Vietnamese organizations become cyber resilient,” the digital transformation process is speeding up thanks to the development of technology and demands for a better user experience from customers. It enables organizations to connect, manage and synchronize data and databases to optimize performance, improve overall productivity and enhance value.
The world is becoming increasingly digital. Responding to this trend, organizations are embracing emerging technologies and new business models based on digital platforms. Cybersecurity, however, has not yet gained adequate awareness across businesses.
This has dire consequences for both businesses and their clients.
As noted by experts, hackers are getting more sophisticated in automating their attacks. In addition, with the constrained resource of information and a shortage of skilled cyber security experts, organizations are unable to anticipate and counter imminent assaults in a timely fashion.
According to EY 2018-2019 Global Information Security Survey (GISS), more than half (55%) of the surveyed organizations did not make the protection of the organization an integral part of their strategy and execution plans. Only 8% of organizations have information security functions that fully meet their needs.
Resources are also a key issue, with 30% of organizations struggling with skill shortages.
Many enterprises have improved their cyber security only after suffering grave losses due to hackers. Some 76% of GISS respondents claimed they had increased their cyber security budgets after a serious breach.
However, businesses still seem reluctant to share details of intrusions for fear of damage to their reputations. Hackers could use an old exploit to hack deeper into a system before an updated version is installed.
“Cyber security has to be embedded in organizations’ development strategies,'' said Tran Dinh Cuong, general director of EY Vietnam. “It is vital to have systematic cooperation, information sharing and technical assistance, not only within an internal financial institution but also across the financial and banking sectors, related organizations and among cyber security experts,” he said.
“Moreover, firms should aim to not only protect the enterprise with good cyber security and basic lines of defense but also optimize the response with more advanced tools and strategies,” Cuong remarked.
Echoing this point of view, Geoff Noble, Anomali’s senior vice president, stated, “One organization’s detection can be another’s prevention. Therefore, the best solution is to build trust. You can be part of a community like EY Vietnam and bring intelligence to the platform.”
Experts at the seminar agreed that early detection and warnings of cyber attacks play a major role in helping organizations effectively react to these threats before they damage their businesses and stakeholders. SGT
Vietnam recorded 6,219 cyber attacks since the start of 2019, a year-on-year surge of 104 percent, said the Vietnam Computer Emergency Response Team (VNCERT).
As a regular buyer of television and online sales channels, Nguyen Thanh Thuy has provided mobile phone numbers and home addresses to receive goods, but she did not expect her personal information to be passed on to a third party.