Lessons Singaporeans must glean from the Straits Times hack

No one should be surprised that Anonymous showed its face last week - hacking The Straits Times website and threatening further attacks on Singapore's infrastructure. Additionally, it attacked Philippine Government websites and defaced a range of Australian business websites.

For the Straits Times, this disruption could be relatively minor, but the financial implications of a successful hack could be crippling for most businesses.

No doubt questions will be asked of the newspaper's security systems, but Singaporean businesses should also see this as a monumental wake-up call regarding cyber security.

What is the risk?

According to recent surveys, hacking remains as the top threat faced by most organisations. The New York Times, The Wall Street Journal, The Associated Press’s Twitter account, and a range of South Korean media outlets and banks have all successfully been attacked in the last 12 months.

Attacks can come from numerous sources: hacker groups like Anonymous, disgruntled individuals, corporate competitors, unethical employees, and even foreign governments.

Besides putting in place operational risk management procedures to minimize the chances of a successful hack, companies need to recognize there is no foolproof plan that will fully prevent an attack. So prepare for the worst.

The scope of damage

The cost of a successful cyber attack to the business is endless and goes beyond just being offline. A network interruption brings about loss of revenue and profits, costs in restoring systems, and possibly the loss of reputation and intellectual property. A recent attack on Saudi Arabia's national oil company reportedly took down over 10,000 work stations at the organization.

How do you prepare?

Companies need a well rehearsed crisis management response in place. This should include all aspects of the company’s critical functions, be it IT, PR or HR. More importantly, senior management must be engaged right in the beginning

As Cyber insurance is becoming increasingly sophisticated, it is important that businesses work closely with their insurance brokers to put together a cover that works alongside with their internal risk mapping analysis.

The regulation shadow

With the recent formation of the National Cyber Security Centre, the Singaporean Government has signalled just how seriously it takes the threat of cyber attacks. As more businesses fall prey to hackers, the pressure will increase for companies to show they are protecting themselves and their clients from attacks of this nature.

In the US, laws have already been put in place that push the ultimate responsibility for cyber security onto company boards and senior management and it is a matter of time that Singapore will head in the same direction.

So, you have been warned. Take cyber security seriously. Insure yourself and your customers against the losses you could suffer. And make sure you are prepared.