Upgrade to Pro — share decks privately, control downloads, hide ads and more …

apidays Singapore 2023 - Securing and protectin...

apidays
January 19, 2024

apidays Singapore 2023 - Securing and protecting our digital way of life, Veronica Tan, Cyber Security Agency of Singapore

apidays Singapore 2023 - Resilience to adaptability through digitisation
April 12 & 13, 2023

Securing and protecting our digital way of life
Veronica Tan, Director at Cyber Security Agency of Singapore

------

Check out our conferences at https://www.apidays.global/

Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8

Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io

Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/

apidays

January 19, 2024
Tweet

More Decks by apidays

Other Decks in Programming

Transcript

  1. COVID-19 a major test of organisations’ resilience and adaptability Digital

    transformation as a sustainable growth engine 3 Source – World Economic Forum COVID-19 is pushing companies
  2. Interconnectedness and increased digitalization has put businesses onto a new

    trajectory of cyber threats 4 Source – “Verizon Data Breach Investigations Report 2022”, Verizon RANSOMWARE HAS CONTINUED ITS UPWARD TREND 13% SYSTEM INTRUSION INCIDENTS SUPPLY CHAIN RESPONSIBLE FOR 62% HUMAN FACTOR CONTINUES TO DRIVE BREACHES 82% OF BREACHES INVOLVED HUMAN ELEMENT
  3. Cybersecurity is one of the top risks that businesses pay

    attention to 5 Source – “The Global Risks Report 2023”, World Economic Forum Business Severity by stakeholder over the short term (2 years)
  4. Risk-based approach to cybersecurity helps organisations that are at different

    stages of cybersecurity journey 6 Source – Enterprise Singapore ~200,000 enterprises 160,000 micro enterprises 30,000 small enterprises 8,000 medium enterprises 2,000 large enterprises 99% RESOURCES FOR CYBERSECURITY High Low THREAT LANDSCAPE Volume Sophistication 1%
  5. CSA initiatives help organisations at different stages of cybersecurity journey

    to raise cyber resilience progressively 7 AWARENESS ACTION ADOPTION Cybersecurity Toolkit for • Enterprise Leaders • SME Owners Cybersecurity Toolkit for • Employees • Personnel managing IT Commercial Products/Services Cybersecurity Certification For organisations embarking in your cybersecurity journey For organisations ready for cybersecurity to be a competitive advantage
  6. AWARENESS Cybersecurity as part of your business risk management, not

    just a technical issue 8 Gap btw Business and Security Leaders Large Organisations SMEs SME OWNERS SECURITY-FOCUSED EXECUTIVES E.g. CIO, CISO, Chief Security Officer BUSINESS-FOCUSED EXECUTIVES E.g. CEO, Board Director, Chief Risk Officer CSA Cybersecurity Toolkits for Business Leaders
  7. ACTION Your employees as your first line of defense 9

    Cybersecurity Culture CSA Cybersecurity Toolkits for Employees Large Organisations SMEs Cybersecurity Awareness • Starts with awareness and includes everyone • Grows with employees’ understanding of cyber risks and their personal role and responsibility 1. Protect yourself from phishing 2. Set strong passphrases and protect them 3. Protect your corporate and personal devices 4. Report cyber incidents 5. Handle and disclose business- critical data carefully 6. Work on-site and telecommute in a secure manner
  8. ACTION Create cyber resilience across your supply chain 10 Cybersecurity

    Certification Concentration of Risks When a shared service or commonly used technology is disrupted by attackers Increasing Interdependence Technologies that support businesses, infrastructure and societies are increasingly interdependent and vulnerable Hardware Software Service Provider Your Organisation
  9. ADOPTION Cybersecurity as your competitive advantage 11 Customer questions to

    Provider – Are you Cyber Safe? Source – “Global Cybersecurity Outlook 2023”, World Economic Forum, Jan 2023 90% of respondents are concerned about cyber resilience of third-party organisations Large Organisations SMEs Typically have SMEs in their supply chain Consider them as critical partners When critical partners are taken out of action arising from a cyber incident, the entire ecosystem, including the larger organisation, is impacted
  10. ADOPTION Cybersecurity as your competitive advantage 12 CSA Cybersecurity Certification

    for Organisations VISIBLE INDICATOR of the cybersecurity practices implemented BUILDS TRUST with your customers, provides assurance by being “cyber safe” COMPETITIVE EDGE for your business, enables differentiation from competitors BENEFITS FOR ORGANISATIONS
  11. Cyber Essentials mark 13 ASSETS SECURE/ PROTECT UPDATE BACKUP RESPOND

    Certification Validity 2years Assessment Mode By independent assessor Desktop assessment FOR ORGANISATIONS THAT ARE EMBARKING ON THEIR CYBERSECURITY JOURNEY • Recognition of good cyber hygiene for protection from common cyber attacks • Simplifies cybersecurity by prioritising the measures to focus on first
  12. Cyber Trust mark 15 MARK OF DISTINCTION FOR ORGANISATIONS WITH

    MORE EXTENSIVE DIGITALISATION • Recognise organisations as trusted partners with robust cybersecurity • Takes on risk-based approach to meet your organisation needs without over-investing 10 domains 13 domains 16 domains 19 domains 22 domains Supporter Practitioner Promoter Performer Advocate Certification Validity 3years Assessment Mode By independent assessor 1.Documentation 2.Implementation and effectiveness
  13. Where are you in your cybersecurity journey? 18 Make cybersecurity

    your competitive advantage Implement cybersecurity measures that are commensurate with your risk profile Make cybersecurity your competitive advantage Protect yourself from common cyber attacks Develop your cybersecurity health plan Assess your cyber health Recognise cybersecurity as part of your business risk management www.csa.gov.sg/ sgcybersafe
  14. Cybersecurity is part of organisational resilience and a collective responsibility

    19 BE A TRUSTED PARTNER With Cyber Trust and Cyber Essentials Individual Cybersecurity as our personal role and responsibility Organisation Develop cyber resilience Be a trusted partner in the supply chain Global International collaboration and cooperation