Internal talent, technical knowledge, appropriate IT security remain missing pieces in the struggle to remain vigilant and hack-resilient.

Last year saw headline-grabbing information leakage incidents involving companies and organizations in Southeast Asia (SEA). The rising cases of data breaches were costly: IT business decision-makers from the region admitted to losing US$1.10 million on-average because of this menace, just a tad short of the global financial impact of US$1.41 million for enterprise companies.

This is the finding of a yearly report by global cybersecurity firm Kaspersky conducted last year. The study, now in its ninth year showed that, aside from the monetary aftermath, corporate victims also confirmed losing approximately US$186 million on business opportunities after an attack involving precious data.

The regions covered by the study included LATAM (Latin America), Europe, North America, APAC (Asia-Pacific with China), Japan, Russia and META (Middle East, Turkey and Africa). For the SEA region, the majority of the businesses that experienced a data breach (53%) also paid compensation to clients or customers, encountered problems with attracting new customers (51%), were subjected to penalties or fines (41%), and lost some business partners (30%).

In terms of the data involved, most incidents saw leakages of customer-related details such as personally-identifiable information (53%), authentication credentials (33%), payment or credit card specifics (32%), account numbers (27%), and other personal particulars (26%). Personal employee information (30%) were also divulged accidentally, as well as sensitive corporate data (23%) and corporate intellectual property (16%).

Explained Yeo Siang Tiong, General Manager for Southeast Asia, Kaspersky: “It is important to know the (financial) damages( that) a single data breach can incur to a company, not to shame the entities involved but to serve as a lesson for those who assume their networks are safe. These victims from our region were brave enough to admit the issues … which resulted in such incidents. Most of them lack knowledge and technical team plus the low level of security awareness among their workforce. They also confess that appropriate IT security solutions remain a missing piece for their enterprise networks.”

Now for the good findings

Instead of crumbling, companies in SEA bounced back with positive changes after suffering a virtual drawback. The majority of the respondents (56%) put in place additional security policies and requirements, switched security vendor or service provider (53%), and improved authentication procedures for customers (49%).

Threat intelligence capabilities (62%) were also among the areas of technology enterprises invested into after a data breach, followed by an incident response program (61%), network detection technologies (61%), and endpoint detection tools (44%).

“The best way to recover after a breach is to reassess your IT security environment and to identify the exploited loopholes. Know the tools and technologies you have, and then improve upon them. If your business is still on its baby steps, endpoint solutions should be your first layer of technical defence. Think that any malware needs an open door to enter your network. Cybercriminals are intelligent enough to research on your weak points, so be sure that your systems’ doors are intelligently guarded,” Yeo adds.

Having established that data breaches can have a devastating effect on an organization’s reputation and financial bottom line, Kaspersky shared some best practices:

• Employ training and activities that will educate employees about cybersecurity basics, for example, to not open or store files from unknown sources of emails or websites as they could be harmful to the whole organization.
  
• Regularly remind staff how to deal with sensitive data, for example, to store only in trusted cloud services with authentication switched on, and never sharing it with untrusted third parties.
  
• Enforce the use of legitimate software downloaded from official sources.
  
• Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities.
  
• Use a dedicated endpoint protection products that require minimal management, allowing employees to do their main job but protecting them from malware, ransomware, account takeover, online fraud and scams.