DUE to the rise of the Internet of Things (IoT), information is being collected at an unprecedented rate, with much of it being highly personal and confidential. It is because of this that cybersecurity is of much greater importance today.
ePLDT, an industry-leading provider of digital business solutions to enterprises in the Philippines, is warning local companies that employing data security software and hardware is not enough to combat cyber-threats. This is according to its newly appointed head of cybersecurity.
“Companies that focus on data security technology alone unfortunately do not understand cybersecurity,” said Angel Redoble, chief information security officer of ePLDT. “Because a single attack can affect every department of a company, cybersecurity therefore should be approached holistically by integrating it in every aspect, not just in technology. To do this, a company must first focus on having a strict protocol or process and must have the right people who are skilled to combat different kinds of threats. Once these are integrated with the appropriate technology, a company can achieve business resiliency.”
This crucial insight follows on the heels of Ernst & Young’s Global Information Security Survey of 2016 and 2017, which reveals that 64 percent of 1,735 firms surveyed, which includes Philippine companies, admitted that they have zero or mere informal threat intelligence programs. Moreover, 42 percent do not have an agreed communications strategy or plan in place in the event of a significant attack.
A security process or program provides the framework for keeping a company at a desired security level by assessing the risks, deciding how to mitigate them, and planning on how to keep programs and practices up to date. ePLDT notes that this is where most companies fail because they only treat cybersecurity as technology or software.
“The hundreds of thousands of vulnerabilities that are recorded every day plus the evolving hacking methods just goes to show that like a process, cybersecurity is a never-ending journey and should be evolved to mitigate & manage new threats,” said Redoble.
Data security skills, on the other hand, are also crucial since a skilled workforce can identify and therefore understand how to handle the vast majority of threats to data, like malware or hackers seeking confidential information.
Redoble recognized that some institutions do not employ cybersecurity because of financial constraints but also noted that this should not stop them because the tradeoffs are more than beneficial for a company’s performance and existence.
“Thanks to growing trends, not deploying cybersecurity is and will become more costly in the future. Companies who are serious about surviving must place it as a business imperative as a single attack can break any business,” he said.
Fortunately due to the current trends and developments in cybersecurity, businesses can now achieve the process, technology, and skills to uphold security through inexpensive means. By administering an assessment of their current capabilities, a company can already set certain protocols while the lack of skills problem can be addressed by teaching the staff how to recognize an attack.
With regards to technology, Redoble noted that there are various data security measures that are being offered subscription-based. However, applying these three may leave a company’s in-house IT department drained and will lead them to focus on security rather than boosting productivity. As a solution, Redoble recommended to partner with an end-to-end data security provider.
As a leader in data security services in the country, ePLDT’s Cyber Security portfolio is a suite of services that covers devices, systems, processes, and expertise, designed to defend enterprises from multiple security risks, evolving threats, and malicious software attacks. The portfolio is further boosted by ePLDT’s vast infrastructure network due to its nine state-of-the art data centers and is recognized internationally through its ISO 27001:2005 Information Security Management System (ISMS) certification.
To know more about ePLDT’s cybersecurity offerings, visit www.epldt.com/solutions/cyber-security/. (PR)