Educate employees on cyber security


The Committee of Inquiry's (COI) key findings and recommendations from its investigation into the cyber attack on SingHealth have implications for both the private and public sectors (Probe report on SingHealth data breach points to basic failings; Jan 10).

The data breach could potentially have been avoided had the leadership team instituted a culture of vigilance against cyber attacks.

The financial services sector could learn valuable lessons from the SingHealth episode.

In today's banking environment, financial criminals are constantly looking for new means and technologies to defraud the system.

Our local banks have responded well by deploying advanced technology, such as the use of data analytics and artificial intelligence to counter these.

As a nation, Singapore must be wary of the threat posed by highly sophisticated criminals, which may include state-sponsored actors.

More than ever, there is a need for stakeholders such as organisations, industry partners and regulators to sharpen surveillance on a regular basis, or risk being on the wrong end of an attack.

Organisations need to educate their employees on cyber security, so as to not fall prey to techniques used by cyber criminals, such as the use of phishing to lure an unsuspecting user into sending confidential data.

Employees should know how to react immediately when faced with a potential security breach.

Waiting until the last moment to respond to a data breach like SingHealth's can cost an organisation dearly.

Sattar Bawany (Professor)