Vital to have a proper plan to respond to a security breach

I read the recent report detailing the findings of the committee investigating the SingHealth data breach with great concern (Hearing reveals failings in work processes, staff judgment; Sept 27).

The investigations have revealed that there were inadequate measures taken to mitigate the security threat that arose.

In this instance, the cyber-security systems in place worked effectively to alert the relevant officers involved. Daily logs of the database did reveal attempts to log in to the records database.

While there is no doubt that the security infrastructure managed to successfully flag security threats, inadequate procedures prevented employees from dealing with the threat effectively.

There appears to be a lack of clarity over what needs to be done in the event of a data breach.

For instance, Mr Henry Arianto, in charge of the team responsible for the electronic medical records database for SingHealth, decided not to report a long-running query for fear of causing "false alarm" and "unnecessary work for senior management".

In addition, it has been revealed that standard operating procedures on dealing with a security incident had not been made known to staff.

Much needs to be done to achieve a robust secure environment in any organisation. Simply having the IT infrastructure to alert information security staff when a security threat is recognised isn't enough.

Implementing the proper response plan to such incidents is absolutely crucial, as is ensuring that all staff are properly trained on how to respond to a potential breach, both physical and digital.

They must be able to identify potential risk areas and implement common sense pre-emptive measures such as mandating a clean-desk policy, automatic timing-out of unattended computers as well as shredding both physical and digital data routinely and securely to prevent another data breach.

Clear open communication once a security threat has been identified, followed by a unified approach towards dealing with it are important practices that must be enforced. Otherwise, it is only a matter of time before we are hit again.

Jenson Tan

A version of this article appeared in the print edition of The Straits Times on October 04, 2018, with the headline 'Vital to have a proper plan to respond to a security breach'. Print Edition | Subscribe