The corona crisis has driven more and more companies to consider remote working as a legitimate alternative to working from the office. Considering the obvious security risks posed by this shift in workflow, EKONID held an online seminar to assist companies in ensuring that they do not fall to cybers attacks.
On October 28, 2021, EKONID held a seminar on cyber security titled “How to prepare your business against cyber-attacks”. Featuring the cyber-security expertise of Giesecke+Devrient (G+D) and Secunet International GmbH, more than 30 participants from various companies joined EKONID’s online seminar to learn the multitude of threats posed by cyber-attacks these days as well as the various solutions they can adopt to reduce or even eliminate cyber-attacks.
The impetus behind the online seminar is, as many would have surmised, the sudden burst of remote working as an effect of the COVID-19 pandemic. Before the pandemic, 5% of Americans spent their working time at home, according to data from the Economist Intelligence Unit. By spring 2020, this figure was 60%. As the trend spread across the globe, it has become even more apparent that remote working is here to stay. Companies are realizing that employees are actually spending more time working and are reportedly happier with their work conditions. In the recent Ernst & Young 2021 Work Reimagined Employee Survey, 53% of respondents say their organizational culture has changed and improved during the course of the COVID-19 pandemic, while only 31% believe it has worsened.
Whatever companies decide, it is important to note that the upward in remote working has also increased the risk of cyber security attacks. In 2020, a staggering 31% of global companies were attacked by cyber criminals at least once per day, according to a report from Acronis, a Swiss-based global technology company. According to cybersecurity firm Barracuda, ransomware attacks grew 64% year-on-year between August 2020 and August 2021.
As the main speakers for this online seminar, experts from G+D emphasize how the corporate approach plays a significant role in preventing the more dire effect of cyberattacks. Anveshi Sauraj, Head of Cyber Defense Center at G+D said 80% of firms has seen an increase in cyberattacks among organizations lacking in basic cybersecurity. She said more than 44% of these organizations did not even provide cybersecurity trainings such as, for example, ensuring that home networks have a strong password. 45% of employees have reportedly clicked phishing emails - a common practice among cyber-attackers in gaining access and information from the system.
Roehrich Matthias, President Director of G+D Indonesia emphasizes how crucial it is to be aware of cyberattacks and cybersecurity issues. To paraphrase Mr. Matthias, the internet is a system where roughly 30 billion computers are also interconnected and an attack need only come from one. As Indonesia moves towards Industry 4.0 and Internet of Things becomes more of a norm, IT security should ideally be 20% of a company’s capital expenditure, he said.
Meanwhile, Christoph Schambach, Sales Manager APAC of Secunet International GmbH, talked about the trend of cybersecurity and what is needed to future proof against cybersecurity attacks through AI and other advanced technologies. He said it is important to have masterplan should an attack occurs. This means not only having the knowledge of the tools, but also knowing which tool to use for certain attacks. As previously mentioned, awareness is an important part of preventing cyberattacks and knowledge remains our greatest tool. The combination of tools and process, with throughout plan from top to bottom, is a good weapon to fight against cyberattacks.
The speakers concluded thus: There is no silver bullet to cybersecurity. The best approach is a layered defense. The first and most important is education and awareness. Through several campaigns and trainings, companies could raise awareness and spread information for employees so they are aware of what is happening and know how to protect themselves. The next priority would be to have a cyber incident response plan. Discovering and prioritizing risk without taking any action won’t make any changes. Employees should know who to contact when a cyberattack occur – the reporting of which must be a simplified and defined process. The final layer are the other factors in what Mrs. Sauraj calls “cyber hygiene”. This includes information handling and protection, secure configuration, business resiliency, threat and vulnerability management, authentication authorization and accounting, and endpoint detection and response.
EKONID would like to thank the speakers from G+D and Secunet who shared their expertise as well as the all the participants who attended the event. We hope this online seminar has brought us a step closer towards growing our business stronger and more secure as we move toward the era of Industry 4.0.