Suspected Data Leak Prompts Restoration Company to Tighten IT Security and Request New Cyberbrand
The Cyber Essentials brand aims to help SMBs have basic cyber defenses in place to protect their systems and operations against common cyberattacks. The mark is valid for two years.
For an SME in the food and beverage sector, this may mean having measures such as controlling who has access to customer data and backing up that data, as well as having software to protect the company’s IT systems. .
The Cyber Trust brand aims to guide larger and more digitized companies, such as multinationals, on the expertise and resources needed to manage and protect their IT infrastructure and systems according to their risk profile. The mark is valid for three years.
For a financial services institution, this could mean ensuring its internal and external systems have robust cyber defenses to protect customers’ personal and financial data.
Large organisations, as well as around 30% of SMEs that are further along in the process of going digital, should be able to benefit from brands, the CSA said.
The certification process will be carried out by certification bodies appointed by the agency, with eight appointed so far.
The fees companies pay to certification bodies vary depending on the scope of the assessment. Fees for Cyber Essentials start at $150 for small businesses with fewer than 10 employees, while fees for Cyber Trust start at $800.
The CSA said it would gradually review the certification and assess the need to make the marks mandatory in the future.
Singapore’s technology industry association SGTech, one of the industry partners CSA works with to encourage brand adoption, said the cost to adopt recommended practices and get certified is relatively much lower than the cost of the potential loss of customer trust, brand reputation and legal costs in the event of a cyberattack.
Mr. Tan, launching the marks on Tuesday, noted that the average cost of a cyberattack for businesses here in 2020 was around $1.7 million per breach. That might be too high a cost for some SMEs, he added.
Although certain sectors are being hit hard by the Covid-19 pandemic, companies could seek to further strengthen their cyber defenses.
A 2021 SGTech survey found that 38% of companies had invested in and implemented cybersecurity measures in the past year.
But over the next 12 months, 53% of SMBs plan to increase their spending on cybersecurity technology, while 85% of large enterprises plan to do so, according to the survey.
Mr. Dutch Ng, President of SGTech’s Cybersecurity Chapter, said CSA’s two cybermarks allow organizations to focus precisely on investing in cybersecurity to support high-priority vulnerabilities.