Three things business leaders must acquaint themselves about security

A few years ago, Cathay Pacific suffered a lapse in data security, affecting the personal data of an estimated 9.4 million people. Along with the questions it raised around the effectiveness of cybersecurity for all firms, a top international law firm noted another effect: an uptick in interest in collective redress, a type of representative action resembling a class action lawsuit.

Two years later, cybersecurity would once again step into the spotlight as risk shot up, in step with millions of people around the world shifting to remote work during the global pandemic.

Multiple Asia-based offices of international insurance giant AXA, the Singapore-based arm of Japan-based insurance firm Tokio Marine Group, and several military groups in Southeast Asia have become just a few of the targets of ransomware attacks within the past year.

What is ransomware?

Ransomware is malicious software that infects a computer and restricts access to user data for a ransom. The cost of a ransomware attack can amount to nearly $2m per incident and have a global economic impact of over $20bn. Ransomware attacks rose by 93% last year.

As citizens become increasingly acquainted with the value of their data, any negligence, misuse or lack of adequate protection has moved into the spotlight of possible issues for company boards across the Asia Pacific and Japan. With class action and consumer group-led lawsuits on the rise, the responsibility to protect against ransomware and other cyberattacks that threaten user data and privacy has become more critical than ever for businesses.

The other reason that data and privacy have arisen as such important topics is timing. A recent Trend Micro survey found Asia Pacific to be the second-most vulnerable region in the world to cyberattacks, after North America. Ransomware attacks ranked in the top five cyber threats in the region, while confidence in company preparedness lagged: a staggering 86% of survey respondents believed they would be breached in the next 12 months.

In the wake of this information, business leaders should sit up and take notice: data breaches are no longer an issue that exists within a company itself – they sit at the board level as well.

What are the considerations before taking security steps?

Business leaders should expect increasing momentum toward ensuring the right measures are in place. Here are three things to keep in focus when implementing security measures.

Emphasise the importance of cybersecurity training for all

Ransomware has the ability to spread through a system like wildfire, but it needs an entry point, such as an infected email, email attachment, or application. No matter their role, any member of an organisation has the ability to lead the ransomware into the system.

A thorough, regular, and up-to-date trainings on best cybersecurity practices are the best preventative measure business leaders can employ to keep systems and profits safe, so make sure the organisation’s cybersecurity plan affords it the resources it needs.

Keep anti-virus and malware software updated

Up-to-date anti-virus and malware software can help catch and eliminate the most common ransomware payloads. Like any software, it needs frequent updates, but if used correctly, it can keep your business’ systems clean with minimal downtime and interruptions.

Have a secure backup ready

If protections happen to fail and a business finds itself dealing with a ransomware attack, one can gain access to a system again by restoring it from a secure and reliable backup, saving the business from downtime, data loss and an often-expensive ransom.

Veeam’s ransomware protection, for example, can restore a business’ data and system while adhering to compliance standards, with real time updates. Before restoring the system, the backup scans files for malware and provides flexible storage options for a range of files.

Ransomware attacks are much more a possibility, but they don’t have to cost the business significant portions of its profits. With the right cybersecurity infrastructure and training in place, firms can prepare and defend themselves against these breaches moving forward.


Rick Vanover is the Senior Director Product Strategy at Veeam.