The Hong Kong Applied Science and Technology Research Institute (ASTRI) organised the ‘Cybersecurity Forum: The Next-Gen Defence against Cyber-Threats on the second day of the Internet Economy Summit 2019, according to a press release.
Cybersecurity is a key concern in the digital era – that is the inevitable way of life for individuals and businesses alike. The forum explored tools and strategies for better preparedness in that context – including regulatory and compliance issues, professional approach to cybersecurity, securing cloud and other trusted services, and safeguarding businesses against increasingly sophisticated cyber-crimes.
The Chief Operating Officer of ASTRI stated that as a major global economic hub, Hong Kong must safeguard its financial activities and assets, to drive future growth and prosperity. Thus, in order to secure Hong Kong’s valuable information, processes and systems capital must be invested in building a strong pipeline of cybersecurity research, applications and talents.
ASTRI’s Senior Director of Security and Data Sciences presented an overview of Cybersecurity shared views and insights on the all-encompassing cybersecurity landscape and ecosystem.
Other speakers included various experts in the fields of business, science and technology and cybersecurity.
The speakers later took part in a panel discussion. The panellists had an interactive sharing with the audience, discussing tactics for businesses to embrace modern cybersecurity challenges.
Well over 200 tech experts, public and private sector representatives, aspiring entrepreneurs and investors participated in the forum.
Cybersecurity in Hong Kong
A report by the Hong Kong Productivity Council (HKPC) noted that Information Technology (IT) is already an essential and crucial element of everyday life. Both individuals and business parties are interconnected through the network of the “cyber world”.
However, similarly to the real world, the cyber world is exposed to various security threats that can cause immense impact and damage.
The promotion of digital transformation in every industry and in the daily lives of citizens, more intensive network communications and the use of big data will provide opportunities for both upstanding parties and attackers.
To keep pace with technological change, the HKSAR Government sees the need to keep track of the status of cybersecurity readiness.
The SSH Hong Kong Enterprise Cyber Security Readiness Index (SSH-HKECSRI) indicated that the overall level of security maturity among Hong Kong Enterprises is “Basic”. The SSH-HKECSRI in 2018 survey was 45.6 (equivalent to the “Basic” level) for all business categories.
“Financial services” was the best performing business category, reaching the “Managed” level with a score of 60.5. All other business categories were at the “Basic” level, in the range of 41 – 52.
“Large Enterprises” ranked higher than SMEs. In terms of company size, the Cyber Security Readiness Index for Large Enterprises alone was 58.3 (“Basic” level) and that of SMEs was 43.4 (“Basic” level). This means that larger enterprises generally adopted more comprehensive cybersecurity measures.
The majority of enterprises scored high in “data backup management” which can help mitigate ransomware and extortion attacks that target data.
The perceived impact of cyber-attacks was regarded as “High” (rating 4 out of 5) in all business categories.
Following the details of their findings HKPC put forward the following recommendations:
- Put more effort into cybersecurity to move the maturity level up to the “Managed” or “Anticipated” level.
- Manage Third Party Risks – enterprises should pay more attention to risks posed by third parties.
- Embrace Cyber Threat Detection Prevention strategy (e.g. firewall and antivirus) alone is no longer a sufficient form of defence. Enterprises should adopt the defence in depth approach and embrace detection strategies.
- Raise Cyber Security Awareness People are the last line of defence and yet is often a neglected aspect of security.
- Raise Awareness of Credentials Management More awareness education and technical seminars should be provided on credentials management and advanced solutions.
It is clear that Hong Kong’s governmental agencies and research institutes are working to create a more secure cyber-world wherein the region’s digital citizens are aware of the threats the face but are also equipped with the right tools to defend themselves.