SingHealth : What we can learn from the recent Singapore data breach?
Thanks to increased connectivity, data is fuelling our digital economy and creating new opportunities in a huge range of different areas such as agriculture, health and manufacturing to name a few. Data is valuable, which makes it an enticing commodity for legitimate and malicious parties alike.
As technology becomes increasingly woven into the fabric of our lives, so too does the threat of cyber-attack. This new reality was recently highlighted when SingHealth, Singapore’s largest healthcare provider, became the victim of a large-scale cyber-attack. The breach resulted in criminals acquiring 1.5 million SingHealth patients’ non-medical personal data.
160,000 of those records contained sensitive information about the patients’ dispensed medicines’ records as well. According to government sources, this makes it the “most serious breach of personal data” recorded in Singapore’s history. It also highlights that no one is exempt from data theft, not even Singapore’s Prime Minister Lee Hsieng Loong, who was also targeted in the attack.
Confronting the cost of data breaches
According to Juniper Research, the cost of data breaches globally is expected to skyrocket to $2 Trillion by 2019, highlighting their financial impact. They also affect the bottom line. Last week, Facebook published its Q2 financial results, prompting a $15 Bn drop in its share value in a single day, with many pointing to its recent data scandals as the trigger.
However, it’s not all doom and gloom. In many ways, this has been a watershed moment for cyber security, with consumers and businesses waking up to the importance of data security. 2018 kicked off with the launch of a “Global Centre for Cybersecurity” at the World Economic Forum in Davos. This year we also saw the General Data Protection Regulation (GDPR) come into enforcement in Europe in May. Globally, we are seeing a growing response to the cyber criminals, and a concerted effort to make organisations take responsibility for their customers’ data.
The SingHealth breach has also already triggered action among Singapore’s financial institutions. The Monetary Authority of Singapore (MAS) last week issued a directive to banks to ensure that they do not solely rely on the kind of information that was stolen during the breach such as name, phone number, address or date of birth.
Addressing cyber attacks at the source
While it’s great to see a growing response to data protection, businesses should be looking at their own processes and thinking about how they can evolve to address the fluid nature of cyber threats.
The problem many organisations face is that their security operations centres are facing an eye-watering increase in unprocessed information. Enterprises typically have 50-100 security-related event source types generating hundreds of thousands of events per second. Manually reviewing every event log isn’t possible, making it difficult for security analysts to see the forest from the trees.
Given the significant reputational and financial weight that comes with a data breach, organisations must find a way to effectively address cyber threats. One solution available to time and resource-strapped in-house security teams is a cloud-based Cloud Security Information and Event Management (SIEM) platform. While not every organisation has the budget capacity to create and manage their own SIEM system, or the highly-skilled staff to manage it, there are managed SIEM solutions which are scalable for your business.
The main benefits of a SIEM system is that you get a holistic view of your IT security in one system, collecting and logging all security-related events for analysis from a variety of agents, including routers, firewalls, servers and data bases.
Another consideration for businesses is choosing a suite of security solutions that can meet evolving business models. Technologies such as the Internet of Things (IoT) are on the rise, producing vast amounts of data and presenting numerous new entry points for hackers looking to attack the network. To remain secure from these threats, businesses need to ensure they invest in a stronger multi-level cloud security management strategy, so that the entire network is secure at every entry point.
Security professionals are also adapting their tools to meet the analysis needs of IoT, which generates a huge volume of data. Many advanced security solutions now leverage Artificial Intelligence (AI) in their solutions set, to speed up the accuracy and efficiency of their threat detection.
Like the PM, Mr. Lee said, "Cyber theft is a key risk when going digital. But we cannot stop the digital advance and must strive to build the most secure Smart Nation." The best organisations can do, is be aware of the risks and work with security providers who can help predict, monitor and prevent cyber-attacks.
Clearly, attacks such as these have a hugely damaging effect on businesses. Organisations need to take stock of the cautionary tales and see investment in security as an investment in their future.