PDPA Compliance: Is Your company’s data free from Cyber Threats?
Cyber activities are becoming more common than you think. According to a survey report released by the Cyber Security Agency of Singapore (CSA), there has been a huge increase in cyber threats such as data breach.
Businesses in Singapore suffered losses of around S$58 million in 2018, representing an increase of about 31 percent from 20171.
With the risk of high loss due to cyber threats, this blog article aims to share some simple and cost-effective ways to keep your business safe in the upcoming year.
To begin, let’s first have a basic understanding of the possible cybercrime and its impact.
What is data breach?
In today’s internet world, data breaches are becoming more common for businesses, regardless of the organisation’s size and complexity. Data breach is a security vulnerability where confidential data or sensitive information is released to untrusted websites or misused by cybercriminals. This means that data is at risk of being stolen, transmitted or viewed by unauthorised people outside of your company, which can also be known as a data leak.
How does data breach occur?
Some business owners may think that having a single firewall is sufficient enough to deal with a cyberattack. This mindset increases the attractiveness of the cybercrime industry and provides more targets for attackers to make their profit. A data breach can happen to an organisation in multiple ways such as
Employee Focus attacks: Cybercriminals could send malicious emails that look valid and real to simply request the targeted employees to send in the required details. Employees who have been deceived will unknowingly leak important information that provides hackers with access to all your organisation’s data.
Alternatively, it could be due to sharing of private information to the wrong person. For instance, attaching an important document that contains customer details to someone outside of your organisation who does not have any permission or right to view, and the file can be read by them without any further authentication, like a password.
Malware attack: The data that your organisation owns is very attractive to cybercriminals. To obtain those valuable data, cybercriminals could use malware to hack into your system. One of those is known as Ransomware, which is a malicious program used to acquire a significant amount of data and likely to perform encryption in a single attack. With that, the cybercriminal is able to demand and threaten for payment from the victim in exchange for a decryption key.
Outcome Of Data Breach
Upon data breach, there are many lethal results that could lead to termination of business operation, temporarily or permanently. Data breaches can damage both business and consumers in terms of reputation, which is costly and timely to be repaired. Moreover, businesses may face additional damages in the form of fines or penalties. These consequences may vary due to the type of data breaches and violation of the Personal Data Protection Act.
What is the Personal Data Protection Act (PDPA)?
PDPA is a law that aims to protect all relevant information of an individual such as NRIC, bank account details, among other information against any organisation that is likely to have revealed, collected and used it, despite the credibility of the information. With PDPA, this means that all corporations in Singapore will have to follow a set of baseline standards when managing possession of all individual’s data, even by the firm’s own employees.
How is the PDPA enforced?
The Personal Data Protection Commission (PDPC) has been established to manage and enforce PDPA. The PDPC will determine if a business is not in compliance with PDPA, and the particular company may receive instructions and consequences, such as terminating any collection, use, and disclosure of data in business operations. The company would also be expected to pay fines not exceeding S$1 million.
Protecting against data breach with cybersecurity
With the growth of the internet, there are different security needs such as the application, cloud, mobile, network and endpoint securities. Also, data loss prevention, identify and access management. Cybersecurity is the general IT term to cover different defence remedies and it will allow your corporate to secure the system against any cyberattacks that may lead to data breaches.
Cybersecurity Practices To Mitigate The Risk of Data Breach
These are some easy and effective cybersecurity methods that can ensure that all vulnerable devices, applications, networks, and data in your company’s holding are being protected against any threats.
Secure All Network and Device
This can be done by first installing security software that includes anti-virus and anti-spam filters, which can help your business reduce the possibility of falling for phishing emails and mitigate malware infection.
Also, a firewall could be applied together to track the in and out traffic between all your company computers and the internet. With a firewall in place, the business internal network can be further secured.
Secure With Encryption
Always make sure that your data in files are encrypted in secret code or password when sharing on to the internet. This helps to reduce the risk of data being stolen or destructed online.
Enforce Cybersecurity Policies
By stating out the relevant rules and regulations, your employees can be educated on security issues and things to take note of when they are visiting internet sites or emails.
The right cybersecurity is needed in order to mitigate your corporate’s sensitive data such as financial information, trade secrets or intellectual property of the customers or users. With cyber attackers and hackers becoming more prominent and creative it is difficult to acquire an effective solution. Not to worry! At Netpluz, we have partnered with leading cybersecurity vendors such as Nexusguard, Sophos, Druva and many more that can provide a variety of cybersecurity solutions that can help your company reduce the negative impacts of data breaching and at the same time save cost.
Do not hesitate to schedule a call to find out more about ways to defend your data, or email us to arrange for an appointment with our experienced manager, and we will provide ways for you to become more secure.
Author: Ada Foo Jiaxin
1 CISOMAG. “Around 6,200 Cyber-Attacks Reported in Singapore Last Year: CSA.” CISO MAG | Cyber Security Magazine, 20 June 2019, www.cisomag.com/around-6200-cyber-attacks-reported-in-singapore-last-year-csa/
Irwin, Luke. “The 6 Most Common Ways Data Breaches Occur - IT Governance Blog.” IT Governance Blog, 11 Mar. 2019, www.itgovernance.eu/blog/en/the-6-most-common-ways-data-breaches-occur.
“What Is Cyber Security Threat Mitigation? Webopedia Definition.” Webopedia.Com, 2019, www.webopedia.com/TERM/C/cyber-security-threat-mitigation.html#:~:targetText=Cyber%20security%20threat%20mitigation%20refers,when%20security%20attacks%20do%20happen.
What is Cybersecurity (Cyber Security)? Everything You Need to Know. “What Is Cybersecurity (Cyber Security)? Everything You Need to Know.” SearchSecurity, 2019,
“How to Protect Your Business from Cyber Threats | Business.Gov.Au.” Business.Gov.Au, 15 Oct. 2019, www.business.gov.au/Risk-management/Cyber-security/How-to-protect-your-business-from-cyber-threats.