Cybersecurity Best Practices & Data Privacy Risks

26 January 2022, Wednesday – Following the launch of the Process Construction & Maintenance (PCM) Industry Digital Plan (IDP) last year, the Association continues to advocate for the adoption of digitalization. With most digital tools available online, there is an increased dependency on the Internet to perform day-to-day operations. While the nation is advanced in Internet connectivity than ever, the industry’s cybersecurity practices are falling short.

To address the cybersecurity concerns and raise awareness of the industry, ASPRI collaborated with the Association of Information Security Professionals (AiSP) to organise a webinar on this very topic. It aimed to provide insights into the best cybersecurity practices and how to manage data privacy risks.

In the first part of the webinar, Ms Faith Chng, AiSP EXCO Member, shared on the common cyber risks. They included ransomware, phishing, data leakage, hacking, and insider threats. Ms Chng explained that a cybercriminal first gathers information before developing a relationship with a victim. Once a relationship is formed, they then exploit any identified vulnerabilities and execute their cyber-attack. You may view Ms Chng’s presentation deck here.

Next, Mr Philip Ng, Co-founder and CEO of BitCyber, shared a study from Gartner, highlighting 91% of cyber-attacks start from phishing. It was also revealed a total of $2.29 million in fines were issued by the Personal Data Protection Commission (PDPC) for Personal Data Protection Act (PDPA) breaches in Singapore from 2019 to 2021. You may view Mr Ng’s presentation deck here.

Mr Ng also highlighted the importance for companies to appoint a data protection officer. Failure to do so will result in a fine from PDPC. He then shared various case studies which supported this claim. The case studies revealed no data were lost but the companies were fined for negligence and poor cybersecurity practices. He then shared a suite of data protection solution. It included Bitdefender, Actifile, and mamori.io, each protecting different types of data.

Finally, ASPRI would like to express our gratitude to our members for their attendance and commitment towards cybersecurity. We would also like to thank AiSP for collaborating with us. We hope to see you in future events!