CICRA shares insights on cyber security at AMCHAM forum

By Shannon Jayawardena

CICRA Holdings Group Director and CEO Boshan Dayaratne last week shared insights to cyber security, data breaching and risks at a workshop conducted by the American Chamber of Commerce (AMCHAM) Sri Lanka.

The event focused on subjects such as data worth, data exfiltration, digitalisation, major incidents of 2017, security and privacy, insider versus external threats, consequences and so forth.  

Data breaching is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorised to do so and could lead to long time and lasting damages to an individual or large company as a whole.

Dayaratne noted that data breaches may involve financial information such as credit card or bank details, personal health information (PHI), personally identifiable information (PII), trade secrets of corporations or intellectual property.

“In data you can multiply whatever you have taken. You must protect your data and not let anyone take it away from you easy. It is your responsibility to protect your data and the data of your company as it could lead to great chaos if hacked or breached.”

Speaking on data worth, he said: “Today whether we like it or not, everything is on a system. Even 10 years ago, we were all on systems. It is your responsibility to protect the data on your device. The biggest problem is that people don’t know the worth of their data. We really don’t know the value of data until something happens or until we underestimate the value of our data.”

Dayaratne stressed on the fact that there are many common misconceptions such as ‘we are not a bank’, ‘we can recreate the information easily’, and ‘let’s wait and see’ when it comes to valuing the importance of data. He emphasised on the significance of data as it is vital for analysing the success of a company as well.

“Everyone wants digitalisation or digital transformation. Even when it comes to a peon, if he can use a computer then he could easily be hired and the whole process is digitalised. When it comes to digital transformation most of us don’t really understand it totally. Support activities include firm infrastructure, technology development, human resource management and procurement,” he stated.

Dayaratne said: “The more digitalisation you have done, the more data you have created. There are both malicious insiders and accidental insiders who could create date breaching. Awareness training is very important not only for IT guys but for the end-users as well.”

Pix by Lasantha Kumara