One in three chief information officers (CIOs) in Singapore believes that their employees pose their greatest security risk, a survey commissioned by Robert Half showed yesterday, signalling a growing concern for companies as staff increasingly use their own laptops, tablets and smartphones at work.

Traditionally, the response to IT security has been to find the optimum way to protect the business from external security attacks. But a growing risk now faces organisations in the form of potential internal security threats. This threat is made evident by the fact that almost three in four, or 74 per cent, of CIOs allow their employees to access corporate data on their personal devices, said the report, which surveyed 100 CIOs.

According to the report — Cyber-security: Defending your future — 36 per cent of CIOs say a lack of employee knowledge and skills around data security is the most significant security risk their organisation will face in the next five years.

“Although it may not be intentional, simple human error can expose companies to increased cyber attacks and situations where sensitive company data can be compromised. The impact of a data security breach on a company’s reputation can be devastating and it can take years to win back customer confidence,” said Mr Matthieu Imbert-Bouchard, managing director of Robert Half Singapore.

The report showed that 72 per cent of Singaporean CIOs say the number of detected security threats has increased compared with 12 months ago.

The top three IT security risks facing organisations, the report said, are: Data abuse/data integrity (59 per cent), spying/spyware/ransomware (54 per cent) and cyber crime (53 per cent).

To combat the threat posed by employees using their own devices at work, nearly all (97 per cent) of CIOs are taking action to protect their company from potential data breaches.

The most common response (58 per cent) is to train personnel on cyber security policies and corporate practices when using their personal devices. Signing an acceptable use policy also seems to be standard practice for more than half (57 per cent) of the Singaporean companies. Technical applications are being implemented with 53 per cent saying they are deploying mobile device management technology and 52 per cent are using authentication software.

To reduce the prospects of data being compromised or stolen by cyber attackers, the Infocomm Development Authority of Singapore said earlier this year that civil servants will no longer be able to access the Internet on their work computers by May next year.

Despite the restrictions, civil servants will still be able to surf the Internet on separate computers or mobile devices, either belonging to the individual or provided by their organisations.

Prime Minister Lee Hsien Loong, who volunteered to be the first to try out this new way of working and has been using two separate computer systems since the start of the year, has said that the decision is “absolutely necessary” to fight off increasingly intense and sophisticated cyber threats.

Source:
courtesy of TODAY

by TODAY ONLINE

If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]