ACCA holds panel discussion on current state of cybersecurity

Thursday, 28 July 2016 00:00 -     - {{hitsCtrl.values.hits}}

Untitled-6The panellists discussing the topic of the current state of cybersecurity  

Cyberspace whilst providing tremendous benefits also present new risks, with no business being ‘too small’ to becoming vulnerable from hackers, leading to crime, terrorism, industrial espionage and warfare.

Therefore businesses today cannot afford to be blissfully ignorant of this changing environment. The new risks and threats are real, making cyber security necessary as it is no longer a clear-cut technical issue but instead needs to be a strategic, political, and social phenomenon that must be examined with a scientific rigour.

This was the thought process behind the recent panel discussion held by ACCA (the Association of Chartered Certified Accountants) for Sri Lanka’s leading business entities at the Kingsbury, addressing some of the key issues pertaining to this topic.

The keynote speaker for this event was Layers-7 Seguro Consultoria Ltd. Director Professional Services Sujit Christy. 

Sujit Christy is an experienced Governance, Risk and Compliance Professional who is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), certified in Risk and Information System Control (CRISC) and a certified IT Disaster Recovery Professional. He counts over 20 years of experience in Financial and Information System Auditing, ERP Implementation, Governance, Risk Management, and Compliance and Information Security Consulting. Sujit is a regular invited speaker in security conferences and seminars. Sujit is also a Board Member of (ISC) 2 Colombo Chapter and Secretary of (ISC) 2 Chennai Chapter.

Citing examples of recent attacks Sujit, touched on the topics of how Mobile Apps can be the new frontier for Cybercrime. Explaining the threats affecting current mobile platforms he said that more consumers are shifting to smartphones, tablets and other similar devices, signifying it being a viable target for several cybercriminal attacks to infect these devices and gain unauthorised access to corporate network and data. 

He also spoke about how the Internet of Things (IoT) is  changing the Cybersecurity landscape and noted that  IoT has led to a world where just about anything can be connected and communicated, with the world  becoming one big information system. He said this means that more personal information and business data will exist in the cloud and be passed back and forth through thousands of devices that may have exploitable vulnerabilities. 

He stated that one weak link in the security chain could provide hackers with nearly limitless doorways that could potentially be unlocked, leading them to data. He noted that privacy is a serious concern today not just in the IoT, but in all applications, devices or systems where we share information.

Sujit recommended organisations should therefore assume they are a target and have their systems and defences in place to prevent data loss and to also take steps to educate their employees on managing these functions. He said cyber security is not a technology concern but rather a critical business issue and the current motto should be to ‘see everything, protect what matters and find risk before it finds you’.

The presentation was followed by a panel discussion on the same topic, participated by ISACA Sri Lanka Chapter President and LOLC Technologies Principal Consultant Parakum Pathirana, KPMG Cyber Security Senior Manager Buddhika De Alwis, Assistant Manager – IS Audit SJMS Associates and Independent Correspondent Firm to Deloitte Touche Tohmatsu Kumar Manthri.

They discussed the importance of protecting networks of information and how crucial it was for organisations to have trained information professionals who are able to meet and counteract cyber security threats. They felt that cyber risk should be at the top of the boardroom agenda and that there was a need to bring together government, academia, industry, business, trade bodies and users, to devise a secure cyber environment ,making the Internet a safe and trusted place to conduct business and communicate with both  family and friends.

COMMENTS