As more companies migrate to the cloud, the risk landscape has seen an increased surface area for cyber security risk according to Horangi Cyber Security CEO and founder Paul Hadjy who was speaking at the Asia Cyber Risk Summit 2019 organised by Asia Insurance Review.
Mr Hadjy pointed out that cloud-related cyber risks is a pressing issue that needs to be promptly addressed given cloud traffic will comprise 95% of global data centre traffic by 2021 and cloud configuration has overtaken ‘phishing’ as a top source of data breach.
“Our product is more focused around cloud security. That's what helps organisations that are either sort of moving into the cloud or actually cloud-first,” said Mr Hadjy commenting on Horangi’s cyber security offering.
In his keynote address, Mr Hadjy also highlighted how Asia is extremely vulnerable to cyber risks as it is “desperately short” of cyber security experts. While there is generally a talent deficit in global cyber security given an insufficient number of professionals and lack of qualified teams, Asia Pacific contributed majorly to this deficit according to findings from the (ISC)² Cybersecurity Workforce Study.
Mr Hadjy views cyber security as a human problem and has observed “a disconnect” between technical and business requirements on this issue. Therefore, he urged businesses to adopt a security first mind-set centred on people, process and technology as he highlighted contemporary cases of regional and global cyber attacks such as the recent SingHealth data breach in Singapore as well as the Marriott and Facebook data breaches in the last six months.
“Over the past 24 months, there has been significant breaches in an industry that hasn't been regulated at all”, said fellow speaker Doug Witschi, an assistant director (innovation centre directorate) at INTERPOL Global Complex for Innovation.
Mr Witschi pointed how it is cheap and easy for criminals to get involved in cyber crime. At the same time, legislative gaps in cybercrime across various countries has rendered cyber into an even more challenging issue.
Meanwhile, Nanyang Technological University professor and director Prof Shaun Wang who heads the Insurance Risk and Finance Research Centre at NTU’s Nanyang Business School highlighted a “whole spectrum of cyber risks” with some risks more sophisticated than the rest.
He identified hacking, data breach, cyber-enabled financial frauds and cyber-physical attack on industry control systems as the major categories in cyber risks. When it comes to these risks, he sees two worlds; MNCs and SMEs. While large MNCs have large cybersecurity budgets, SMEs are seen to lack the knowledge, expertise and financial resources.
Referring to SMEs facing cyber attacks, Mr Hadjy said that “60% of those businesses actually go out of business within a year following a major attack.”
The Asia Cyber Risk summit was chaired by Jonathan Ranger, CEO at Criterion Underwriting which specialises in cyber products and financial lines.
Themed “A Cyber Dare: Can Business Be Cyber Resilient?”, the summit was sponsored by Singapore Reinsurance Corporation and Horangi Cyber Security. It drew around 100 delegates including cyber security professionals, risk managers as well as insurance and reinsurance executives managing cyber concerns.