Business owners and organisations need to have quick and comprehensive response plans for cyber attacks as breaches are inevitable, experts at a panel discussion on cyber security said yesterday.
Held during the Singapore International Cyber Week event, the panel discussion involved five cyber security experts and moderator Warren Fernandez, who is editor of The Straits Times and editor-in-chief of the Singapore Press Holdings' English/Malay/ Tamil Media Group.
Replying to a question on best practices for responses to cyber breaches, Mr Kevin Mandia, chief executive of American cyber security firm FireEye, said: "You have to do the dry runs, you have to do live fire drills. You have to get hands-on experience with the whole team, operating from event to fix."
Agreeing with him, Mr David Koh, Singapore's commissioner of Cybersecurity and chief executive of the Cyber Security Agency of Singapore, said the inevitability of cyber attacks makes it even more important to have response plans ready to go.
"It is not about if you will be targeted, but when you are going to be targeted. So, if you know you are going to get targeted, then the question is, do you have a response plan, and have you practised the response plan?" he added.
The other three panellists were Professor Lam Kwok Yan from Nanyang Technological University; Dr Guillaume Poupard, director-general of the National Agency for the Security of Information Systems in France; and Mr Md Shah Nuri, chief executive of the National Cyber Security Agency in Malaysia.
During the hour-long discussion held at the Suntec Singapore Convention and Exhibition Centre, experts emphasised the need for collaboration between nations and the sharing of best practices internationally, amid the mounting threat and scale of possible cyber attacks.
It is not about if you will be targeted, but when you are going to be targeted. So, if you know you are going to get targeted, then the question is, do you have a response plan, and have you practised the response plan?
MR DAVID KOH, commissioner of Cybersecurity and chief executive of the Cyber Security Agency of Singapore.
Mr Md Shah said that information sharing between nations would help cut response time to mitigate cyber attacks, as countries could work together to share analyses and work out actions that could be taken faster.
Mr Koh said: "We are learning from each other, we are all making it up as we go along, so there is a lot of room for sharing of best practices."
It was announced yesterday that Singapore will be setting up an Asean-Singapore Cybersecurity Centre of Excellence to strengthen Asean members' cyber strategy development, cyber legislation and research capabilities.