We would like to thank Veronica Tan from Cybersecurity Agency of Singapore for the invitation of our CEO, Shane Chiang to be a panel speaker at the recent Cloud Security Alliance event hosted by Hing Yan Lee in Singapore. As more and more organization adopt digitalisation and moving to the cloud, it is always important to note that basic cybersecurity awareness and design thinking should remain the same and actually even more.
Here are some 𝐭𝐢𝐩𝐬 𝐚𝐧𝐝 𝐭𝐫𝐢𝐜𝐤𝐬 for business owner or stakeholder, one essential question you must ask is your vendor that you deem as critical to your business:
"𝑾𝒉𝒂𝒕 𝒊𝒔 𝒚𝒐𝒖𝒓 𝒄𝒚𝒃𝒆𝒓𝒔𝒆𝒄𝒖𝒓𝒊𝒕𝒚 𝒑𝒍𝒂𝒏 𝒕𝒐 𝒑𝒓𝒐𝒕𝒆𝒄𝒕 𝒎𝒚 𝒄𝒐𝒎𝒑𝒂𝒏𝒚 𝒊𝒏 𝒕𝒉𝒆 𝒆𝒗𝒆𝒏𝒕 𝒐𝒇 𝒂 𝒃𝒓𝒆𝒂𝒄𝒉?"
If the response is an uncomfortable silence, then the answer is clear. To ensure that your vendors and partners have adequate measures in place to counteract cyber threats, consider the following strategies:
𝐄𝐯𝐚𝐥𝐮𝐚𝐭𝐞 𝐭𝐡𝐞𝐢𝐫 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐏𝐫𝐨𝐭𝐨𝐜𝐨𝐥𝐬: Request detailed information about their cybersecurity strategies. This should include their policies on data protection, access control, and regular security audits.
𝐈𝐧𝐜𝐢𝐝𝐞𝐧𝐭 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐞 𝐏𝐥𝐚𝐧: Ensure they have a solid incident response plan in place. This plan should detail how they will respond to a cyber breach, including steps to identify, contain, and eradicate the threat, as well as measures to recover and learn from the incident.
𝐑𝐞𝐠𝐮𝐥𝐚𝐫 𝐔𝐩𝐝𝐚𝐭𝐞𝐬 𝐚𝐧𝐝 𝐏𝐚𝐭𝐜𝐡𝐞𝐬: Ask about their procedures for regular updates and patches. Timely updates are crucial in preventing cyber-attacks.
𝐄𝐦𝐩𝐥𝐨𝐲𝐞𝐞 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠:Human error is a significant cause of data breaches. As such, confirm whether they provide regular cybersecurity training to their employees to help them recognize and respond to potential threats.
𝐓𝐡𝐢𝐫𝐝-𝐏𝐚𝐫𝐭𝐲 𝐕𝐞𝐫𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧: If possible, seek third-party verification of their cybersecurity measures. This could be in the form of certifications or audits from recognized cybersecurity bodies.
𝐂𝐲𝐛𝐞𝐫 𝐈𝐧𝐬𝐮𝐫𝐚𝐧𝐜𝐞: Check if they have cyber insurance. This is a good indicator of their commitment to cybersecurity and provides a safety net in case of a breach.
In this digital age, ensuring your partners and vendors prioritize cybersecurity is paramount. By following these steps, you can help protect your company from potential cyber threats.