Better Cyber Safe Than Sorry:
Don’t Wait till You’re Hacked
Table of content :
- What does this mean for businesses?
- What is wrong with current cybersecurity systems?
- Armour yourself with Security-as-a-Service (SECaaS)
- The consequences of inaction
2018 was not a good year for Singapore.
In Singapore’s worst cyber attack, unidentified hackers infiltrated the databases of SingHealth, the nation’s largest group of healthcare institutions. Personal particulars of 1.5 million patients, including the outpatient prescriptions of Prime Minister Lee Hsien Loong and a few ministers, were compromised and stolen.
A post-mortem of the incident revealed what most of us already expected: vulnerabilities in the system, coupled with human lapses by irresponsible senior executives, resulted in the unfortunate breach of the healthcare group’s database.
Notably, the Citrix servers to which the SingHealth database was linked were not adequately secured against unauthorised access using 2-factor authentication. Even the most basic security measure, strong administrator passwords, were discovered to be not up to standard after the fact.
The 454-page report released by the investigation committee found weaknesses and misconfiguration issues throughout the entire network. Most damning of all was the fact that a number of these vulnerabilities were already discovered during a 2017 pen test which identified the problem of weak administrator account passwords and strongly recommended a need for network segmentation. Yet, their advice fell on deaf ears.
What does this mean for businesses?
“A cyber breach is a matter of when not if.” This is the forewarning given by researchers who wrote The Singapore Cybersecurity Report 2021, published by The Cyber Security Agency of Singapore (CSA) in October last year.
The report spotlighted an uncomfortable truth that Singapore must contend with as we continue to exploit benefits offered by the digital world; cybersecurity and digitalisation are two sides of the same coin. As we gradually move our activities and business operations online, we also expose ourselves to bigger threats in cyberspace.
And it’s not just state institutions that have to be wary of data leaks and cyberthreats. Businesses and non-governmental organisations alike have also been primary targets of cybersecurity attacks over the past decade.
Along with the rise of worldwide connectivity and the acceleration of digital services, local companies now find themselves in precarious positions where their digital processes become increasingly vulnerable to cyberattacks across geographic borders.
In particular, the number of recorded ransomware attacks in Singapore increased by 154 per cent in 2020. Small and medium-sized enterprises (SMEs) in various industries, including manufacturing, retail, and healthcare, were primarily impacted.
In many of the attacks, the property most valuable to these small businesses, customer database, intellectual property, and source code, were repeatedly compromised and used as ransomware bait.
What is wrong with current cybersecurity systems?
If you’ve ever had to connect to your company’s virtual private network (VPN), you would understand the struggle as a daily user of a centralised network. Traditional cybersecurity services require on-premise infrastructure to support their operation.
Because of this centralisation of security, traffic for all remote and off-network users, ever more applicable now since the transition to remote or hybrid work arrangements, have to be rerouted back to the workplace or a centralised data centre through a complex security protocol. This results in slow connection and an overall bad user experience for all employees.
Furthermore, traditional in-house infrastructure is extremely costly. It includes servers or appliances with databases, software and licences, utility functions and maintenance fees.
All these can add up to a sizable amount for a small company that wants to prevent hacking and conduct routine security checks from time to time.
Armour yourself with Security-as-a-Service (SECaaS)
SECaaS can be understood as a cloud-powered model for outsourcing cybersecurity services. Strictly speaking, SECaaS is not a new service in cybersecurity.
In recent years, organisations have increasingly turned to SECaaS to ease the burden on internal security teams and reduce the cost of organising an internal security team.
ArmourZero is revolutionising the cybersecurity space with its cloud setup and flexible subscription model. Future add-ons or new subscriptions in different security categories.
In addition to its flexible design, the company has self-powered automation and rapid response to threats, 24/7 security alerts, and monitoring of events through its operations centre security (SOC). All of this is under the supervision of certified security experts working with the latest and most advanced technologies available.
A leader in the one-stop cybersecurity orchestration platform, ArmourZero offers a suite of essential SECaaS services for all businesses:
- Endpoint antivirus
- Endpoint next-gen antivirus
- Endpoint protection with EDR
- Endpoint protection with EDR and threat intelligence
- Patch management
- Email protection
- Web protection
Armed with these impressive services, businesses can join an expanding network of modern technologies, people, knowledge, and processes to enhance existing security measures. ArmourZero currently provides a 1-year free limited promotion for Endpoint Protection with EDR service that you can get from here.
The consequences of inaction
As Singapore strives toward its vision of becoming a smart nation, cybersecurity must also keep pace to ensure the safety of all users and businesses. The ongoing pandemic has also taught us a valuable lesson in prevention and protection; only with low-cost vaccination can we ensure that we are adequately protected against the ever-evolving virus.
With this safety net, the threat becomes far from dangerous even when infected with different virus variants.
The age-old adage, better safe than sorry, rings particularly true in cybersecurity. Don’t be the one to regret only after something bad has happened. By then, it will already be too late.
*This article has been published on e27.co on 5 Apr, 2022
Written by:
Deon Tan, a freelance writer and researcher living in Singapore, cover exciting stories in the tech community.
Share this post
Related Posts
Earth Day: The Connection of Cybersecurity and Sustainability
- 22 Apr 2024
- By:Fanny Fajarianti
- Category: ArmourHacks
Uncover the link between Earth Day and Cybersecurity, promoting sustainability through data protection and environmental stewardship. Let’s secure a greener future.
What is DevSecOps? Definition & Best Practices for Tech Industries
- 18 Apr 2024
- By:Bernadetta Septarini
- Category: ArmourHacks
Learn about DevSecOps, principles, and best practices for the tech industry. Integrate security seamlessly into software development and enhance quality.
Safeguarding Your Organisation During the Hari Raya Holiday
- 09 Apr 2024
- By:Bernadetta Septarini
- Category: ArmourHacks
Protect your organisation from holiday cyberattacks during Hari Raya. Learn more about the risks and best practices for holiday security with ArmourZero.
Cyberattacks: A Growing Threat to Higher Education
- 02 Apr 2024
- By:Fanny Fajarianti
- Category: ArmourHacks
Universities hold sensitive data but face cyberattack risks in the digital age. Explore the impact of cyberattack and learn how to protect your institution.
