In their heinous acts, cybercriminals take no prisoners — not even penniless people. The same goes for struggling organizations that downplay cybersecurity.

Rcently in the Philippines, 3.3 million users of the online money lending platform Cashalo had their personal information leaked into the Dark Web.

This was not the first time a shocking data breach had occurred in the country. In 2018, a popular fastfood chain had its online delivery service suspended due to a data breach. Persons unknown to the company were able to access the customer database of its delivery website.

In the Cashalo breach, a National Privacy Commission (NPC) probe has been convened, but the damage has already been done. Victims of the breach could soon be targeted by hackers through identity theft, credential stuffing and other cybercrimes.

Cybersecurity amid economic recovery

Even with the economy grinding to a halt, corporations can do more to avoid data breaches.

While several mayors in the capital fight to put the entire country under the least strict level of quarantine (Modified General Community Quarantine or MGCQ), the delayed delivery of vaccines had made President Rodrigo Roa Duterte reluctant to ease restrictions.

Knowing that the penalties and legal/brand damage resulting from data breaches can be a huge strain on organizational survival, what can business do while they contend with pandemic control measures? Ironically, even organizations that are pivoting to the digital economy to survive, could be exposing themselves to even greater cyber risks.

Some organizations may have the mindset of “it will not happen to us.” As a result, when they embark on digital transformation initiatives, cybersecurity is not a top of-the-mind issue — budgetary constraints will force them to focus on innovation first, and protection later… if budget permits.

Digitalize or dieData breach and die, for sure!

As Peter Gatt, partner and lead of Servian (SEA) once noted: “It is vital to have the right setup to handle cybercrime and threats, and, contrary to popular belief, it does not have to be time-consuming or costly to put up security nets. Economical security approaches are available.  

One solution is to outsource digital transformation consultation through managed services providers (MSPs). These specialist firms can remotely handle an organization’s IT infrastructure and/or end-user systems, backed by a Service Level Agreement.

In a best-case scenario, a highly capable and reliable MSP can provide recommend a comprehensive digitalization strategy natively tied to 24/7 cybersecurity services and solutions at a higher return-on-investment than if the organization were to invest on an internal 24/7 team.  

Is the MSP route right for you?

Companies engage MSPs primarily for the security expertise and these vendors’ dedicated resources for staying on top of trends and techniques to help guard the network.

As organizations move more things to the Cloud, new attack vectors are exposed, and with the sophistication of cybercriminals these days, it is unrealistic to have a one-size-fits-all cybersecurity solution. Therefore, if your organization or business decides not to rely on internal IT teams, then it will be good to choose an MSP to guide the organization on establishing a digitalization plan that is built from the ground up around cybersecurity.

Such an MSP will demonstrate its commitment to understand the unique needs of each client, and then develop an effective digitalization strategy built on the foundation of strong cybersecurity policies. Alternatively, organizations that have already embarked on digital transformation but underestimated the cybersecurity element can also seek the help of MSPs specializing in tagging-on the missing pieces without losing sight of the holistic approach to the entire organization’s culture and structure.

Victimizing people in debt?

Cybercriminals want to get their hands on as much data as they can, so that they can monetize the personal information. The wider their reach, the higher their chances of success and maximizing the profits.

These unconscionable people do not care that the Cashalo customers they victimize could be heavily in debt (otherwise they would not be turning to a money lending platform) — to state-sponsored actors, mercenary hackers or any of their ilk, victims are just collateral damage in the big picture. The same goes for corporations that meant to be more vigilant but were not, or any organization that could not afford an MSP…

With that in mind, we can be sure breaches will happen, and not just in the Philippines but in many other countries. Please take action NOW.