| |
| |
 |
| |
|
| |
|
| |
|
SINGAPORE: Singapore's Coordinating Minister for National Security, Professor S Jayakumar has stressed the need for continued vigilance and a whole-of-nation approach when it comes to national security.
Speaking at a gathering of some 700 business leaders Tuesday, he said companies cannot carry on with "business-as-usual" given the nature of security threats.
Citing the recent arrests under the Internal Security Act, Prof Jayakumar noted terrorists are making use of the anonymity of cyberspace to spread their ideology.
Three weeks ago, customers of DBS, one of Singapore's major banks, were left without banking services for seven hours.
While the outage was not the result of a deliberate sabotage, Prof Jayakumar said the incident highlights the vulnerability of any IT infrastructure.
He added that the technologies that empower businesses also empower those who want to disrupt and destroy.
Prof Jayakumar noted: "In today's world, acts of terror can come not only from a few extremists wearing suicide vests but from a few key strokes on the computer - a "weapon of mass disruption".
Here in Singapore, two-thirds of businesses have encountered cyber attacks over the past 12 months.
So it is critical for businesses to have infocomm security and protect its supply chain.
Prof Jayakumar also urged organisations to invest in security as a long-term business strategy given their reliance on the Internet.
Securing a company's supply chain management is as crucial. He said any serious disruption to maritime commerce and shipping lanes will cause dramatic and unpredictable turbulence.
Professor Jayakumar said any breaches will have ripple effects on the economy and society.
But experts say companies also need to understand that even the simplest acts could be crippling to businesses.
John Ho Chi, partner, Advisory Services at Ernst & Young, said: "A lot of the risk could be in the simple form of what sort of access have been given to them to the system. So this could be powerful user privileges or access to information databanks, where they could easily copy the information out or sell it to someone else for financial gain. And these if not adequately protected - with cheaper storage and more portable devices - makes it very easy for that kind of information leakage".
The DBS incident highlights the need for companies to rope in their vendors in any business continuity plan.
Victor Tay, chief operating officer of the Singapore Business Federation said: "Especially in a trend of increasing outsourcing, a lot of companies are outsourcing because of lower cost base and looking for the most cost effective vendor. Naturally, there will be cost saving but what we should be looking at is right sourcing and the other message is the company is only as strong as its weakest link.
"While we do business continuity or risk planning, there's a need to bring in your business partner because your business partner is part of your value chain in delivering the service to your customer. If one part of your service were to break down or one part of your chain were to break down, naturally it will leave us exposed to the vulnerability."
Since the Singapore Business Federation started offering its Business Continuity Management Programme, only 60 or so companies are in the process of being certified.
It hopes that more will come on board to inoculate their business against risks.
The Business Continuity Management Programme is a certification scheme.
Companies pay at least $8,000 to $15,000 to get certified. They then undergo a three to six month long programme which may include the appointment of consultants.
The programme involves putting the company through various stages of risk planning. This will include identifying critical points of weakness, role playing as well as staff training.
Companies can apply for a grant from SPRING Singapore to get funding that could cover up to 70 per cent of costs.
A key message is that security is everybody's business. So while plans can be in place at the national level, everyone, including businesses and the individual needs to be aware of what they can do to protect themselves because the weakest link could lead to a major incident."
- CNA/jm
|
