How to 'live and play safely', according to cybersecurity expert

Speedy, unpredictable and headline-grabbing? Sounds like Lewis Hamilton behind the wheel in Formula 1?

Not quite.

As Darric Hor puts it, cybersecurity is just as fast-paced and just as fraught with changes and dangers.

"This industry is in a fast-changing environment and we need to adapt to these fast-paced changes, as there are always new variances of vulnerabilities that would compromise data," ABPGroup's new Chief Revenue Officer told AsiaOne. Hor reports to the Group Chairman of ABPGroup, Sun Yi, who is its founder. Sun has more than 15 years of experience in Cyber & IT Security.

A passion and ambition to make the online world safer and more secure for everyone drives Hor.

“It is important for us to live and play safely in this highly connected world.''

The reverse seems to be truer these days. A recent report by the Cyber Security Agency of Singapore (CSA) showed that almost half of all Singaporeans encountered at least one cybersecurity lapse in 2018. This statistic came on the back of a 15 per cent surge in reported cybercrimes to 6,179 cases in the same year.

ABPGroup is a security firm focused on cybersecurity. Its three operating entities — Sunnic (Cybersecurity Solutions), Tindo (Cyber Defence Integration) and Securite (Cybersecurity Systems Distribution) — provide end-to-end solutions for corporates to safeguard their data, a key commodity in today’s increasingly digitised world.

Hor firmly believes that we can do better.

“In this digital economy, we need to ensure that sensitive information is being protected and being used by the right user and used correctly.”

In this regard, his homegrown company looks to lead the charge in the corporate world, by strengthening its clients’ overall cyber defence.

Hor shared how ABPGroup’s three-pronged approach of people, process and technology could shape the way Singapore looks at cybersecurity.

People: Cybersecurity’s first line of defence

The human factor has long been seen as the weakest link in cybersecurity processes.

While Singapore boasts one of the best cyber defence infrastructures, technologies and government policies in the world, often it is human lapses, mismanagement or irresponsibility that allows for cyber attacks to gain a foothold in an organisation.

Hor noted that as a cybersecurity-focused firm, ABPGroup prioritises the people element when it looks at client profiles. Importantly, Hor believes that client attitudes need to be adjusted as vigilance is paramount when safeguarding against and detecting cyber attacks.

Through interaction with clients, Hor spotted some common cybersecurity malpractices, including:

• Password hygiene
  • Use of personal passwords for work accounts.
  • Keeping passwords in soft or hard copy. 
• Failing to report suspected cyber intrusions
• Misplacing corporate hardware
• Assessing malicious websites in the office through phishing URLs

Process: Detecting and isolating cyber attacks

Cyber attackers look to evade detection and, so far, they have been outperforming corporates.

According to a survey on cybersecurity perceptions and practices by LogRhythm, less than half of 751 companies are able to detect a major cyber attack within one hour.

Hor believes that this boils down to IT processes and feels that the recently launched Vulnerability Disclosure Programme would help the government discover cybersecurity vulnerabilities that its staff would otherwise not find.

The programme encourages reporting of suspected weaknesses in government IT systems to GovTech, the technology agency in charge of public services.

“Such a programme, if conceived on a corporate level, could help companies overcome internal biases and place emphasis on cyber attack detection,” said Hor.

Leveraging on constantly evolving technology

As a former sales lead at Singtel’s Trustwave operations, Hor knows that technology is an important element in a cyber defender’s toolkit.

In particular, the adoption of machine learning and artificial intelligence could help companies combat large-scale cyber attacks such as DDoS (distributed denial of service) attacks on online platforms.

Such technology would help companies predict and prevent suspicious activity internally or on client-facing platforms. This would then enable companies to take pre-emptive measures to stop such suspicious activity from escalating into full-blown cyber attacks.

To ensure that it is always ahead of the cyber technology curve, ABPGroup partners with leading companies in the field of privileged access, information security, hardware and software encryption, and cloud-based internet browsing security.

Overall, Hor echoed ABPGroup’s vision of creating a safe and secure digital world.

While it is cognisant of government initiatives to bolster the cybersecurity space in Singapore, ABPGroup also notes that legislation will not be a panacea against cyber attacks and that corporate Singapore has to step up to safeguard its digital assets such as client information and sensitive data.

Notwithstanding this, Hor firmly believes that constantly investing in people and exploring new cybersecurity solutions will ultimately help corporates stay one step ahead of potential cyber attackers.

This article is brought to you in partnership with ABPGroup.

simeonang@asiaone.com