COMPANIES should actively guard against hacking of their data. Serious cyber security breaches, such as that at K Box ("K Box members feeling angry and insecure"; Wednesday), will not only affect the organisation's reputation but may also be symptomatic of deeper security problems (for example, malware) that can cause sensitive data loss.
Although many companies are aware of the need for securing their data and websites, efforts towards cyber security can often be ad hoc. A comprehensive approach should be taken to guard against and respond swiftly to cyber threats.
The first step is to conduct a thorough review to identify security loopholes. This is especially important for websites that have log-in pages or collect customer data.
Security reviews should be carried out at least once every six months.
They can be done using security scanning tools or by hiring consultants to make sure attacks such as SQL injection (a technique used to penetrate databases) are not easily achievable.
Loopholes that are identified should be fixed as soon as possible, and measures should be put in place to prevent hacking of websites.
It is important to have Web application firewalls in addition to network firewalls. Web application firewalls are able to detect and prevent common Web application attacks such as cross-site scripting.
Of course, no protection is foolproof and it is important to have a proactive mechanism to detect hacking.
Proactive monitoring will allow the organisation's security team to act quickly before the security breach becomes disastrous.
For best results, constant monitoring and detection can be done by automated software that can help to scan websites as frequently as every few minutes.
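As an added illustration of the automated detection the letter describes (not code from the letter or from Banff Cyber), the following Python sketch takes a baseline fingerprint of a page and, on each later check, alerts when the content hash changes or a script tag pointing at a host not seen in the baseline appears. The HTML and the host name are constructed samples; a real deployment would fetch the live page on a schedule instead.

```python
import hashlib
import re

SCRIPT_RE = re.compile(r"<script\b[^>]*>", re.IGNORECASE)
SRC_RE = re.compile(r'\bsrc\s*=\s*["\']([^"\']+)["\']', re.IGNORECASE)


def fingerprint(html: str) -> dict:
    """Summarise a page: a hash of the whole body, the number of script tags,
    and the set of hosts that external scripts are loaded from."""
    hosts = set()
    tags = SCRIPT_RE.findall(html)
    for tag in tags:
        m = SRC_RE.search(tag)
        if m:
            # Strip the scheme; an empty host means a relative (same-site) path.
            host = re.sub(r"^https?://", "", m.group(1)).split("/")[0]
            hosts.add(host or "self")
    return {
        "sha256": hashlib.sha256(html.encode("utf-8")).hexdigest(),
        "script_count": len(tags),
        "script_hosts": hosts,
    }


def check(baseline: dict, current_html: str) -> list:
    """Compare a fresh copy of the page against the baseline.
    Returns a list of human-readable alerts; an empty list means no change."""
    cur = fingerprint(current_html)
    alerts = []
    if cur["sha256"] != baseline["sha256"]:
        alerts.append("content changed")
    new_hosts = cur["script_hosts"] - baseline["script_hosts"]
    if new_hosts:
        alerts.append("new script host(s): " + ", ".join(sorted(new_hosts)))
    if cur["script_count"] > baseline["script_count"]:
        alerts.append("script tags increased %d -> %d"
                      % (baseline["script_count"], cur["script_count"]))
    return alerts


# Constructed sample pages (not a real site): the known-good login page, and
# the same page with one extra script tag added from an unfamiliar host.
BASELINE_HTML = (
    '<html><head><title>Member login</title>\n'
    '<script src="/static/app.js"></script></head>\n'
    '<body><form action="/login" method="post"></form></body></html>'
)
INJECTED_HTML = BASELINE_HTML.replace(
    "</body>", '<script src="https://unknown-host.invalid/x.js"></script></body>'
)

if __name__ == "__main__":
    base = fingerprint(BASELINE_HTML)
    print(check(base, BASELINE_HTML))   # []
    print(check(base, INJECTED_HTML))   # content changed, new host, count 1 -> 2
```

Pages that embed timestamps, session tokens or rotating advertisements will trip the hash comparison on every check, so in practice such dynamic fragments are normalised or excluded before hashing; the script-host comparison is the more stable signal.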
Organisations need to work out an incident response and recovery plan before a security breach happens.
Such "crisis management plans" could include the formation of an incident response team and pre-prepared messages (for example, via social media, e-mail and temporary Web pages) to manage the damage.
After the "response and recovery" stage, the organisation should go back to the first step of doing a security review, to plan for and prevent future attacks.
Many organisations tend to have lax security controls in place for websites. It is important to get them to work closely with the IT security team.
The combination of people, process and technology will provide the best security against attackers.
Letter from Matthias Chin
Banff Cyber Technologies
This article was first published on September 20, 2014.