Singapore’s Businesses Face Increasing Cyberattack Risks

Have You Mitigated Your Business’ Risks to Survive a Cyberattack?

Contributed by MK Chan, Corporate Development Director, Financial Alliance Pte Ltd
(The contributor can be contacted at mkchan@fa.sg)

Cyberattacks – you see them in the news, you hear about them from your friends or associates from other organisations. These attacks are on the rise. What’s more, not all are reported – that may lull many into a false sense of security. Don’t be among the complacent.

According to Infosecurity Magazine and Computer Weekly, cyberattacks doubled in 2017. The recent cyberattack on SingHealth is the latest in a string of high profile targets in Singapore. Many may recall the Messiah attacks in 2013, the K Box data breach in 2014 and the MINDEF data breach in 2017. These high-profile incidents clearly show that the best-laid cyber defenses are not enough to deter a determined attacker. No one knows when and how the next attack will take place, and who will be the target.

It would be dangerous to assume that the 2017 attack on Equifax Inc (a consumer credit reporting agency listed on the New York Stock Exchange), in which about 150 million consumers’ data were compromised and is costing Equifax heavily to recover from, would never happen in Singapore or to your business.

It would also be foolish to assume the attacks could only launched from the cold by complete outsiders and rule out inside help or prior access to network architecture as previously trusted vendors or employees.

Escalating Stakes and Frequency

Make no mistake. The stakes have escalated.  The frequency is increasing. Cyberattacks are the new reality.

Whether the attackers are out to collect information to use or sell, infect the target’s database, embarrass the target or fulfil other goals, the targets invariably suffer the consequences. In June 2018, the International Monetary Fund was reported to have gone as far as to warn that a cyberattack could cost a bank half its profits. For a business who doesn’t enjoy the same profit levels as those of banks, the financial consequences could cripple it – or wipe it out.

In Networks Asia’s July 2018 report on the rising number of cyberattacks in Singapore, almost 40% of the cases reported to SingCERT in 2017 involved businesses, mostly SMEs. Bearing in mind again that not all cases are reported, the real number of attacks is very likely to be staggering.

In May 2018, Microsoft Singapore, citing a study by Frost and Sullivan, said cybersecurity threats could potentially cost organisations in Singapore US$17.7 billion in economic losses. The study also “showed that more than half of the organisations surveyed in Singapore have either experienced a cybersecurity incident (20%) or are not sure if they had one as they have not performed proper forensics or data breach assessment (33%).”

Not only would a cyberattack lead to productivity losses, remediation costs and fines, it could also lead to loss of customers due to reputational loss. The damage to a business could be incalculable if a cyberattack is not properly managed, if remedial measures are not immediately taken and if reassurances are not communicated to affected parties and the public in a convincing and timely manner.

Activate Immediate Damage Control When Attacked

At the crucial juncture of a cyberattack, your business’ Cyber Risks Insurance could be your lifeline. Benefits come in the form of 24/7 access to insurer-appointed damage control specialists, such as public relations services, IT forensics, legal services, etc, subject to the insurance cover’s limits. Depending on the insurer and their conditions, insured businesses may have the choice of using their own damage control specialists and making a reimbursement claim thereafter, subject again to the insurance cover’s limits, of course.

With Cyber Risks Insurance in place, your business gets access to services that are not retained by your business under normal circumstances. It is like activating your own crisis management team when a cyberattack hits your business.

Only a handful of insurers in Singapore offer Cyber Risks Insurance. Among them, three offer simplified packages for SMEs (eligibility criteria differ across the firms).

Avoid further delay. Contact us today at +65 6222 1889 or gienquiries@fa.sg to find out more about Cyber Risks Insurance in Singapore and make preparations for your business to survive after a cyberattack.

Special thanks to Ms Karen Lee, Financial Alliance’s Manager for General Insurance and Group Insurance, for sharing her knowledge and experience to make this article possible.