Adopt proactive cyber defense strategy in the post-pandemic era
The recent reopening of Hong Kong-Mainland cross-border and neighboring Asian countries accelerated the recovery of economy and led digital transformation across different industry verticals. With the aim of providing excellent user experience and business continuity, significant investments were made in technologies.
With the border reopening, increasing demand for business and personal travel is expected. Retail and real estate also benefits from the relax of social distancing measures. To catch the business opportunities, organizations are in actions of launching new services and products online, such as air-plane tickets and hotel accommodation packages, etc.
The digital transformation of businesses is continuously expanding the attack surface, including IoT/OT devices, online services, cloud workloads and more available to bad actors. While technology has made it easier for businesses in the new normal, it has also presented hackers and malicious actors with an unprecedented opportunity to take advantages exponentially.
Risks and Challenges for organizations
Limited visibility to the expanding attack surface: Criminals may take advantages of the expanding attack surface of organizations as the doors to gain access to the network of organizations. In addition, criminals also trade the data obtained from phishing, compromised devices or user accounts on the dark web.
The Rise of Advanced Persistent Cybercrime, including Ransomware: FortiGuard Labs team documented 10,666 new ransomware variants in 1H 2022 compared to just 5,400 in 2H 2021. The growth of Criminal-as-a-Service (CaaS) contributes to an increased volume of cyber-attacks. Threat actors also dramatically reduce the time in attack preparation through subscription models.
Hard to detect intrusion, impersonation, and data breach: Criminals often use fake websites and social media pages to phish customers, business partners, and employees of the victim organizations. That makes detecting intrusion difficult—the longer time to spot an intruder, the more significant the financial impact of data breach costs. With stolen user credentials and sensitive data, such as credit card numbers and personal identification info, threat actors can easily cover themselves from detection of traditional security countermeasures.
Skill shortage and employee negligence: While the cyber threat landscape is evolving, cyber-attacks become more sophisticated to be detected. The ongoing emigration wave further enlarges the gap of IT security skill shortage in many organizations. Organizations with limited staffs and resources may need tools providing better visibility and automation for threat detection and investigation, before burning out the IT security operations.
Recent Examples:
For instance, in 2022, a bad actor impersonated a top-tier local hotel group's Facebook page to market staycation packages in Hong Kong using a fake Facebook account. This impacted the company's revenue and brand reputation. In another instance, a hotel chain revealed a data breach affecting the personal data of more than 290,000 visitors in 2022. However, the hotel chain first became aware of the questionable activity only two months after the malicious actor gained the network access.
What's needed?
Organizations need to rethink their strategy to fortify their security architectures. To provide effective defenses against sophisticated attacks, they should look at strategic partners and solutions, such as External Attack Surface Management (EASM) and digital risk protection (DSP) for brand protection and dark web monitoring, cyber deception, Network Detection & Response (NDR), and Endpoint Detection & Response (EDR) – those are capable of taking proactive remedial action before threat actors engage in harmful behavior.
Finally, for organizations to maximize the return on their digital investments, secure their data, and allow privacy compliance, it is crucial to have the proper strategic technology partner.
-- Contact us at [email protected]
-
Which HK district is most defensive in home rental? Ben Kwok
Yes, the border is open. Yet, the business is not back. That has been reflected in the residential rental market in Hong Kong, where 90 per cent was below the pre-pandemic level, according to
-
Talent development takes years, so we should start now Dr. Winnie Tang
Recently, the fever of artificial intelligence-powered chatbot ChatGPT has swept around the world. Within just two months after its launch in last November, it reached 100 million users. But if you
-
Hong Kong needs a new approach to talent Daniel Cham
Hong Kong has arrived at a critical juncture for its talent market and its economic future. Due to several factors that include the pandemic, emigration, and an ageing population, Hong Kong has a
-
Hong Kong Ballet premieres Coco Chanel Kevin Ng
Hong Kong’s cultural scene is bouncing back. Just after the Hong Kong Arts Festival, Art Basel has returned after three years. And nearby at the Academy for Performing Arts, Hong Kong Ballet
-
How to position our AI supercomputer centre? Dr. Winnie Tang
Professor Sun Dong, Secretary for Innovation and Technology and Industry, said that the investment in the proposed AI supercomputer center would be “huge”, and "if you make reference to supercomputer
Hong Kong Ballet premieres Coco Chanel
Hong Kong needs a new approach to talent
How can we better serve travel-deprived consumers in digital age
Talent development takes years, so we should start now
Long-term benefits of ESG investment
Which HK district is most defensive in home rental?
Who should be bailed out next?
Getting geopolitics right
