17:11 (GMT +7) - Wednesday 21/08/2019

Banking & Finance

Vietnam needs platform for information sharing on cyber attacks

Released at: 08:00, 08/08/2019

Vietnam needs platform for information sharing on cyber attacks

Photo: EY Vietnam

EY Vietnam workshop hears of the need for organizations to be on high alert and ready for potential cyber threats.

by Minh Do

“Cyber security has to be embedded in organizations’ development strategy. It is vital to have systematic cooperation, information sharing, and technical assistance, not only within a financial institution but also in the financial and banking sector and related organizations and with cyber security experts,” Mr. Tran Dinh Cuong, General Director of EY Vietnam, told the “Cyber Security and the Importance of a Threat Intelligence Sharing Platform” workshop on August 7 in Hanoi.

The workshop was co-organized by EY Consulting Vietnam and Anomali, a US-based cyber security company. Experts in attendance said they believed that an underestimating of the importance of cyber security has led to insufficient investment in human resources and technologies.

“Moreover, cyber security should aim at not only protecting the enterprise but also optimize the response with more advanced tools and strategies,” said Mr. Cuong.

“One organization’s detection can be another’s prevention,” Mr. Geoff Noble, Anomali’s Senior Vice President, told the gathering. “The best way is to build on trust and share experience. You can be part of a community like EY Vietnam to bring intelligence into the platform.”

Experts from EY and Anomali agreed that early detection and warning about cyber attacks play a major role in helping organizations effectively react to such threats before they damage businesses and their stakeholders.

Emphasizing the critical role of advanced notifications and warnings, Mr. Robert Trong Tran, Leader of Cyber Security Services at EY Consulting Vietnam, said he believes that a platform for malware information sharing and cyber attack signals analyzing (IoA) among enterprises is a prerequisite for effectively coping with intentional and complex hacking assaults.

The annual report from the European Union Agency for Cyber Security (ENISA) reveals that most intrusion cases have their roots in loopholes existing for at least one year prior. Thus, an anonymous sharing system collaborating with an Information Sharing and Analysis Center (ISAC) and Security Operations Center (SOC) would help organizations identify risks in advance and immediately react to potential threats before they can cause serious damage. More specifically, compared to obsolete approaches based on firewalls and regular filters, such a system would ensure greater resilience to cyber attacks.

Without a timely defense, a cyberspace intrusion can wreak havoc and cause immense losses to a business, not to mention the potential damage to prestige and reputation in future transactions, experts told the workshop. Organizations should always be on high alert and ready to fight cyber security intrusions to minimize possible financial and reputational risks.

“Any organization can be a potential target for hackers. We need to be on high alert and fully prepared for cyber threats”, said Mr. Robert.

According to the EY 2018-2019 Global Information Security Survey (GISS), more than half (55 per cent) of organizations do not make the protection of the organization an integral part of their strategy and execution plans. Only 8 per cent have information security functions that fully meet their needs. Resources are a key issue, with 30 per cent of organizations struggling with skills shortages.

Many enterprises have a better understanding of cyber security only after suffering major losses from hackers. Seventy-six per cent of respondents to the GISS said they upped their cyber security budgets after a serious breach. However, businesses seem reluctant to share details of intrusive signals for fear of reputational damage. Hackers may also continue to intrude more deeply into the system before updated protection is installed.

The frequency and scale of security breaches around the world show that too few organizations have implemented even basic security measures. However, organizations are spending more on cyber security, devoting increasing resources to fine-tune existing defenses and working harder to embed security-by-design to optimize security and support their growth.

User comment (0)

Send comment