Cyber attacks highlight need for appropriate cyber recovery capabilities - KPMG
31 Jan 2023 01:30pm
picture for illustrative purposes only - FILE PIC
The professional financial services firm stressed the need for appropriate recovery capabilities after every attack to minimise the disruption to the business.
"When an attack strikes, the initial 72 hours are critical to grasp the scope of the attack. Businesses tend to underestimate the effort it takes to address the initial impact on operations and costs immediately after a cyber-attack.
"Too many organisations wrongly assume that recovery will require several weeks to return to business as usual when the reality is that it may take several months or more,’’ said Ubaid Mustafa Qadiri, the head of technology risk and cyber security at KPMG Malaysia, in a statement.
Ubaid said recovery measures to restore operations also require a precise assessment to determine that the initial underlying threat has been eliminated.
"This can become a complex task amid the immediate need for response measures that include shutting down internal systems and key elements of the business network, along with rushed policy changes,” he advised.
He said this is particularly critical in the operational technology (OT) domain, where physical processes are typically involved.
"Businesses engaged in manufacturing, mining, oil and gas, utilities, and transportation rely heavily on OT to connect, monitor, manage and secure their industrial operations.
"OT security is becoming vital today as OT is integrated with information technology (IT) to create IT/OT convergence. Because IT and OT networks can no longer be separated, attacks on IT affect OT and vice versa,’’ he noted.
He highlighted that the KPMG Cyber Trust Insights 2022 report, which surveyed 1,881 executives globally, also revealed that "chief information and security officers (CISOs) are optimally placed to help their organisations navigate these challenges.”
"However, many are struggling to fulfill them as they still lack a clear mandate to protect their organisations and data,” KPMG said.
About 73 per cent of businesses in the Asia-Pacific said their CISOs do not have the influence they need to protect their firms fully, while 63 per cent from the region said that information security is seen by their organisations as a risk-reduction activity, rather than a business enabler.
Fifty-five per cent said that senior leaders do not understand the competitive benefits that are possible due to enhanced trust that is enabled by better information security.
"Investing in appropriate protection is the cost of doing business today,’’ he said.
There were high-profile cyber incidents reported in Malaysia last year involving large-scale data thefts and leaks, including the theft of the personal data of 22.5 million people from the National Registration Department (NRD) and the illegal extraction of nearly two million pay slips and tax forms from the civil servants’ e-pay slip system.
According to the Communications and Digital Ministry, almost RM600 million in losses were recorded throughout 2022 as a result of cybercrime in the country.
The 2023 Regulatory Framework on Technology Risk Management is expected to be released by the Securities Commission Malaysia this year - BERNAMA
FedEx Express Malaysia managing director Tien Long Woon said the trial journey would cover a total distance of 406 kilometres with an estimated reduction of approximately 100 kilogrammes of tailpipe carbon dioxide emission throughout the journey.
National FedEx launches first cross-border delivery trial using EV to Singapore
JIM director-general Datuk Ruslin Jusoh during a special interview with Bernama, today. - Photo by Bernama
National Hunt still on for 30 Bidor escapees 'in our midst' - Immigration
PUTRAJAYA - The Immigration Department (JIM) is still hunting for the remaining 30 undocumented immigrants still at large after escaping from the Bidor Immigration Detention Depot in Perak on Feb 1. JIM director-general Datuk Ruslin Jusoh said all of them are believed to be still in Perak, and they...
The manager of the organisation, Husin Hassan, 40, and his son Muhammad Aieril Amirul, 21, together with Mohamad Hassan, 39, (pic) Hilmy Ibrahim, 50, and Mohd Syamim Abdul Rahim, 39, however, pleaded not guilty to the charges that were read before magistrate Nur Amira Fatihah Osman. - Photo by Bernama