We are currently seeing a lot of noise about cyber security in the press and the industry in general. Much of this stems from the widespread ransomware attacks that have made headline news across the globe earlier this year. Undoubtedly, this noise does a good job in heightening awareness, but it doesn’t always help in getting solid and reliable facts and advice to the people that really need it.
The threat landscape is more challenging now than it has ever been. The threats that we face are increasingly complex, diverse and intelligent. Additionally, the rate at which these threats morph and evolve is accelerating and will continue to do so.
The companies that specialise in providing security solutions to protect us are well-resourced and continue to keep pace with their adversaries on the other side of the security fence. Whilst that is good news, one of the challenges that security companies and organisations face is keeping users and managers of IT systems educated at a rate that keeps pace with the threats they face.
In short, if you don’t understand the threat you face or keep pace with how that threat evolves, you won’t invest in updated solutions to fight that threat. This applies to the professionals who are responsible for running security systems. Likewise, it also applies to their users whom also need to be continually educated. Users have always been a potential weak link in security defences. Keeping users aware of changing threats is an important part of the overall defence strategy.
In a recent survey DSA conducted on behalf of Trend Micro in October this year, titled “State of the Nation – The Singapore Cyber Threat”, over one-third of security and IT professionals in Singapore identified lack of education amongst their users as a factor that has increased the security threat to their organisation. The survey also highlighted confusion and lack of clarity on advanced threat protection technologies such as machine learning and artificial intelligence.
Knowledge is the backstop in any security strategy. Arming yourself with the most current understanding of the newest threats and the technology to mitigate against them is a critical and fundamental element of any security strategy. Based on the findings referenced above, it looks like many Singaporean IT and security professionals agree that knowledge is king. The important next step is to cut through the noise to stay educated from reliable sources.