Commentary: With phishing scams on the rise, firms need to act and adopt 'simple' cybersecurity solutions

Digital dominance has dethroned cash as the ruler of our modern world.

The phrase “cash is king” is now a relic of the past, as a global survey revealed that nearly all e-commerce transactions are now digital, leaving cash on delivery with a mere 1 per cent stake.

However, this seismic shift towards digital payments has inadvertently led to an alarming surge in cyber scams, putting consumers at risk.

Recently, in Singapore, the case of a woman who was scammed S$20,000 for a single cup of bubble tea highlighted the alarming surge in scams. However, this incident represents only the tip of the iceberg within the massive wave of phishing attacks.

While companies have strengthened their security platforms over the past decades, hackers have also been forced to evolve and use more sophisticated means to infiltrate these systems.

Today, the stakes are even higher. It is no longer just a matter of losing a few thousand dollars. In Singapore alone, phishing scams have resulted in over S$500 million in financial losses last year.

For business leaders, failure to fortify their defences and safeguard both customers and enterprise puts them at the precipice of reputation and relationship damage.

HACKERS HAVE THEIR EYES ON ASIA PACIFIC

The Asia Pacific region has been plagued by a surge in phishing scams, encompassing a range of fraudulent activities targeting individuals and businesses.

Notably, the Trellix Advanced Research Centre has detected a significant increase in Hypertext Markup language (HTML) attachment campaigns, especially during the holiday season when online shoppers, retailers, and financial institutions become more susceptible to distractions and targeted attacks.

Amidst this relentless onslaught, it is crucial to reassess the region’s growing susceptibility to cyber threats.

Imagine a game of whack-a-mole: Just as players must remain vigilant and react quickly to hit the moles, businesses in the region should deploy technology as the “player” with an automated monitoring system.

This system detects and alerts information technology personnel to potential cyber attacks, enabling them to respond swiftly and tilt the balance in their favour.

Yet, the responsibility of implementing a robust cybersecurity platform is not the sole responsibility businesses bear. They must also prioritise the trust of their customers.

The onus is then on Chief Information Security Officers to drive how cybersecurity is perceived both internally and externally.

Cybersecurity must transcend from being merely compliant to a strategic practice that aligns with business objectives and cultivates transparent communication with customers.

In fact, according to a recent survey by PwC, 20 per cent of senior leaders identified establishing trust with customers through the ethical use and protection of their data as their top cybersecurity priority. This underscores the significance of placing customers’ interests at the forefront of cybersecurity initiatives.

As the rate of online phishing continues to increase in tandem with the rapid pace of digitalisation, organisations in the region must prioritise building digital trust with their customers.

This ongoing effort ensures customer confidence in conducting online transactions and sharing personal information.

COST OF CYBERCRIME OUTWEIGHS THAT OF CYBERSECURITY

To overcome the menace of phishing attacks, businesses must proactively confront these risks.

This entails implementing vigilant measures to actively monitor and mitigate potential threats before they can inflict harm.

An effective solution is investing in a comprehensive security solution that provides real-time monitoring and analysis across an organisation's entire digital ecosystem.

By detecting and responding to potential threats early on, businesses can minimise the impact of cyberattacks and protect their customers' data.

Investing in a living security solution also sends a message to customers that their safety and security is a top priority, which can foster increased customer faith.

Leveraging expertise in cybersecurity, businesses that adopt a comprehensive and streamlined approach to addressing threats across the entire technology landscape tend to achieve the greatest success in mitigating threats.

This approach surpasses traditional detection and responsive controls, and usually provides a holistic understanding of potential vulnerabilities.

While it may be impossible to eliminate accidental clicks, investing in an all-in-one solution can significantly mitigate potential threats and contribute to building digital trust with customers.

By doing so, businesses can bolster their defences against phishing attacks ensuring the protection of their operations and positioning themselves for long-term success in an evolving threat landscape.

SECURITY DOES NOT NEED TO BE COMPLICATED

The rapid adoption of new technologies and digital solutions in the Asia Pacific region has undoubtedly created a complex security landscape.

Unfortunately, this adoption often occurs without sufficient security measures, resulting in a fragmented approach to security.

According to the results from our recent “Mind of the Chief Information Security Officer” research, organisations in Singapore use an average of 28 individual security solutions.

Yet, despite the multitude of tools, 36 per cent of Chief Information Security Officers here expressed concern about the overwhelming number of security solutions they must manage without a single, centralised system.

This proliferation of solutions has further complicated security management, necessitating a shift towards a more strategic and unified approach.

To effectively tackle these cybersecurity challenges, companies should adopt automated solutions and a consolidated approach that brings together all their cybersecurity tools into a unified framework.

This consolidation is important for the security operations team to swiftly detect and respond to security incidents.

Extended detection and response is one such approach that allows organisations to combine multiple security products into a single platform.

By doing so, they can simplify their security infrastructure, reduce complexity and costs, and enhance the overall effectiveness of their security program.

Business leaders must now embrace a broader perspective and shift from fragmented security solutions to integrated, seamless workflows.

This forward-thinking approach enables businesses to defend against breaches and foster enduring customer relationships built on trust and transparency.

The power of trust should never be underestimated in the realm of digital security. Together, we can embrace the digital frontier and build a future where trust is the foundation of every transaction.

ABOUT THE AUTHOR:

Jonathan Tan is managing director of Trellix Asia and has more than 20 years of experience in the information technology & cybersecurity industry.