Edition:
HIGHLIGHTS
Donald Trump’s China policy
NEW
US-China relationsHong Kong economy
News
Hong KongChinaEconomyAsiaWorldSportThis Week in AsiaUS Elections
Business & Tech
BusinessTech
Opinion
Latest
Lifestyle
LifestylePeople & CultureStylePostMagK-popOutdoorCooking
More +
VideoTalking PostSCMP FilmsInfographicsPicturesPodcastsSCMP SeriesExplainedSCMP SpotlightNewslettersSpecial Reports
Topics
Donald Trump’s China policyUS-China relationsHong Kong’s Article 23 national security lawChina’s militaryChina's economic recoveryTrending in ChinaTaiwanChina’s Communist PartyUkraine warWellness
Focus
Greater Bay Area
avatar image
Advertisement
IBM confronts cybersecurity
Tech

Cybersecurity – a risk that no organisation can afford to overlook

Paid Post:IBM
Reading Time:4 minutes
Why you can trust SCMP
Cybersecurity – a risk that no organisation can afford to overlook
Advertising partner

[Sponsored Article]

With cybersecurity breaches, including recent high profile attacks in Hong Kong attracting negative worldwide attention, they serve as a constant reminder that companies, regardless of their size, location or industry, cannot afford to overlook the need for robust cybersecurity practices.

Matthew Shriner, IBM Security, Global Security Intelligence Operations Consulting (SIOC) Partner, notes that whether it is a multination financial institution, large family operated business or an SME, in addition to financial and credit card cybercrime, well-organised cyber-criminals are increasingly fine-tuning their efforts to obtain and leverage higher-value data.  Shriner says the demand for leaked data is trending toward higher-value records such as health-related personally identifiable information (PII), credit reports, and other commercially sensitive data. "Across the region, intellectual property, cutting edge manufacturing processes and new product design details are all vulnerable to cyber-attacks," says Shriner. Furthermore, as the adoption of new technologies such as big data infrastructures and cloud-based technologies increase the volume and spectrum of threats, it has become "mission critical" to monitor and protect the "treasure trove" or data lake of high-value information. "The increased threat of new product designs and sensitive data being compromised has placed cybersecurity issues at the company board level," notes Shriner. 

Cybersecurity research firm, Cybersecurity Ventures, predicts that cybercrime will cost the global economy about US$6 trillion annually by 2021, up from US$3 trillion in 2015. As an international finance and business hub, Hong Kong is a prime target for cyber-attacks with numerous organisations falling prey to cyber-crime, causing widespread disruption, tarnishing reputations and costing the business community billions of dollars. The latest IBM X-Force Threat Intelligence Index found that cybercriminals are changing their stealth techniques to gain access to computer systems. Notably, IBM X-Force saw an increase in the abuse of administrative tools, instead of the use of malware. More than half of cyberattacks (57%) leveraged common administration applications like PowerShell and PsExec to evade detection, while targeted phishing attacks accounted for nearly one third (29%) of attacks.

With many companies using a fragmentary, disconnected approach to address their cybersecurity needs, Shiner says it is typical when IBM Security first engages with a client they will have as many as 80 security products supplied by more than 40 vendors – making security a complicated task by allowing the bad guys to hide between the cracks.   In contrast, IBM's integrated security solutions correlate threat information and can automate a coordinated real-time response to threats across physical and virtual environments. "Any effective security strategy requires collaborative system integration between traditionally isolated security tools," Shriner says. This includes the sharing of real-time threat intelligence, centralising security policies and implementing consistent and coordinated policy enforcement strategies. "Adapting to a threat-aware, risk-based approach versus a compliance-based, box-checking approach is critical amidst the ever-changing regulatory mandates affecting organisations," says Shriner. For example, with potential fines anywhere from 2-4% of a company’s gross revenue for violating  the EU General Data Protection Regulation (GDPR) rules, protecting GDPR data has become a cybersecurity imperative.  The GDPR doesn’t just impact European companies, any organisation that stores, accesses, processes or uses EU residents’ personal data is subject to the regulation.

Advertising partner
This content has been created under the direction of an advertiser. It contains no editorial input or review from the South China Morning Post (SCMP), nor does it reflect the position of, or the editorial standards used by, the SCMP. The advertiser has paid for and approved the content.
scmp poll
Advertisement
Before you go
related topics
IBM confronts cybersecurity
Advertisement