MANILA—Leading digital enterprise solutions provider ePLDT advised companies that employing data security and hardware are not enough in deterring cybercrime incidents in the company.
ePLDT said that enterprises should focus on implementing strict security protocols and hiring people who are experienced in addressing cyberthreats.
“Companies that focus on data security technology alone unfortunately do not understand cybersecurity. Because a single attack can affect every department of a company, cybersecurity therefore should be approached holistically by integrating it in every aspect, not just in technology.
To do this, a company must first focus on having a strict protocol or process and must have the right people who are skilled to combat different kinds of threats. Once these are integrated with the appropriate technology, a company can achieve business resiliency,” Angel Redoble, Chief Information Security Officer of ePLDT, said in a statement.
The view comes after the Ernst and Young’s Global Information Security Survey of 2016 and 2017 revealed that 64 percent of 1,735 firms surveyed, including Philippine companies, admitted that they had zero or mere informal threat intelligence programs.
Furthermore, 42 percent do not have a communications strategy or plan in place in the event of a significant cyber attack.
A security process or program provides the framework for ensuring a company at a desired security level by assessing the risks, deciding how to mitigate them, and planning on how to keep programs and practices up to date.
ePLDT noted that this is where companies fail because they only treat cybersecurity as technology or software.
“The hundreds of thousands of vulnerabilities that are recorded every day plus the evolving hacking methods just goes to show that like a process, cybersecurity is a never-ending journey and should be evolved to mitigate & manage new threats,” according to Redoble.
Data security skills are also crucial since a skilled workforce can identify and better understand how to handle threats to data such as malware or hackers seeking confidential information.
Fortunately due to the current trends and developments in cybersecurity, businesses can now achieve the process, technology, and skills to uphold security through inexpensive means. By administering an assessment of their current capabilities, a company can already set certain protocols while the lack of skills problem can be addressed by teaching the staff how to recognize an attack.
With regards to technology, there are various data security measures that are offered subscription-based. However, applying these may leave a company’s in-house information technology (IT) department drained and lead them to focus on security rather than increasing productivity.
Thus, ePLDT recommends companies to partner with an end to end data security provider.
As a leader in data security services in the country, ePLDT’s Cyber Security portfolio is a suite of services that cover devices, systems, processes, and expertise, designed to defend enterprises from multiple security risks, evolving threats, and malicious software attacks.
The portfolio is further boosted by ePLDT’s vast infrastructure network due to its 9 state-of-the art data centers and is recognized internationally through its ISO 27001:2005 Information Security Management System (ISMS) certification.