IDC’s latest report highlighted that 84% of organisations across Asia Pacific¹ are operating with less-than-ideal IT security strategies in place². This is today’s cyber reality; with inadequate cyber defence, enterprises are constantly losing the catch-me-if-you-can game against the fast-mutating threat landscape.

A holistic security approach guided by cyber consulting

Protecting one’s cyber position today needs to go beyond block-and-defend tactics. We see complementing block-and-defend strategies with preventive security via cyber consulting³ as an effective way to ensure proactive cyber defence.

By building up an integrated security approach with clear and robust cyber security strategies, enterprises can improve their overall security posture across people, technology and processes. Gartner also highlighted the value of preventive security, having named consulting and outsourcing as the largest categories of spending on information security⁴.

Do your security tools and processes work when disaster strikes?

Investing in security tools and putting security processes in place is just the first step. What’s key is in knowing (for sure) that they work when disaster strikes.

According to Cisco, more than 50% of companies are using from 6 to 50+ security vendors and products⁴, resulting in the complexity of managing siloed and disparate systems that cause compatibility issues.

A focused, holistic approach guided by cyber consulting expertise would help in 2 ways:

1. Simplify security management: Minimise investments in too many siloed security tools and reduce             the need to work with a myriad of vendors

2. Plan and execute a clear, robust cyber security programme across the entire threat lifecycle to                   build: preparedness, assessment, advisory, and response

Quiz: What is Your Security Readiness?

1. What are your reasons for investing in security solutions and services?

To ensure that our security tools and processes:

       – are compliant
– are effective in protecting against cyber-attacks that will affect our corporate credibility
– work as planned during a security incident

  2. Do you have an incident response plan in place?

  3. Have you tested:

       – your network/applications for vulnerabilities?

       – your incident response plan?

  4. Do you know how your security posture fares against the industry?

  5. Do you conduct regular cyber awareness training for your staff and management?

Recommendations: Boost Your Cyber Security Posture

Before a breach occurs: Check your cyber security readiness⁵

• People: Raise security awareness amongst your staff and management via tactical or executive security training programmes⁶ at Singtel’s Cyber Security Institute.
• Process: Check if your organisation is ready to identify and respond to security incidents. Develop detailed incident response plans, build an incident response team, simulate potential attacks, and more.
• Technology: Detect potential vulnerabilities in your applications via Vulnerability Assessment and Penetration Tests.
  

When you are breached: Incident response and forensics investigation

• Get first-responder help to assess the security incident, contain the security breach and perform detailed forensics examination to gather criminal evidence.

Always on: Continuous monitoring

• Always be cyber-prepared with sustained efforts before a breach occurs (above).
• Continuously monitor third-party risks with a non-intrusive, outside-in approach.

Rate your security posture against industry benchmarks and the competition.