Governments and regulators around the world are taking a closer look at nefarious activities occurring across the metaverse, bridging criminal endeavours of both the physical world and the digital world as the realms merge into one. While crimes in the physical world often pertain to loss of life, loss of property, or both, cybercrimes or virtual crimes largely entail the loss of data, cyberattacks, and compromised private information, all of which can cost enterprises and individuals a huge sum. Because the digital world knows no borders, countries have united to fight against cyber criminals on a global scale.
Mordor Intelligence, a leading market research consulting firm, valued the Global Incident Response Services market at USD 3.48 billion in 2020 and expected it to reach USD 10.13 billion by 2026, at a compound annual growth rate of approximately 20.53%, between 2021 and 2026, signalling towards the rise in probable security breaches in future. The report further emphasises that the Asia Pacific market will see a spike for the following reasons:
- The Asia Pacific accounts for nearly one-third of the world’s population
- Steady economic growth and increased stability in the region
The Mordor Intelligence report indicates that the thefts are primarily targeted at personally identifiable information (PII) because APAC is an abundant source of human capital.
Cybersecurity: A global responsibility
As cyber threats evolve and become increasingly complex, our world’s borderless digital space remains vulnerable to cyberattacks. Cybercriminals continue to identify new ways to disrupt the systems that allow global business to function. As expected and according to a recent Forbes contributor column, the number of cyberattacks in 2021 surpassed those in 2020, including attacks on financial portals as well as Solar Wind and Colonial Pipeline.
The Australian government has recently unveiled a ransomware action plan for businesses in Australia. The plan includes businesses mandatorily reporting ransomware incidence.
What is cyber threat incident response?
In general terms, cyber threat incident response is the process to respond to cyber threats. PCI DSS specifies the steps that organisations should follow as part of the incident response plan. The steps are established in requirement 12 and include:
- 12.10.2–Test incident response plan at least annually
- 12.10.3–Assign certain employees to be available 24/7 to deal with incidences
- 12.10.4–Properly and regularly train the staff with incident response responsibilities
- 12.10.5–Set up alerts from intrusion-detection, intrusion-prevention, and file-integrity monitoring systems
- 12.10.6–Implement a process to update and manage the incident response plan per industry and organizational changes
Preparedness and initiatives across APAC
Governments play a crucial role in creating and shaping the economy; when it comes to securing the population and their interests, they leave no stone unturned, whether it involves deploying personnel to fight known threats (security, healthcare, judiciary) or developing protocols and policies to fight the unknown. One key element is the establishment and promotion of cybersecurity standards or frameworks. Some of the government-managed cyber security organisations across the APAC region include :
- Australia: Australian Cyber Security Center (ACSC) is responsible for monitoring and responding to the cyberthreats targeting Australian interests. ASCS also provides a set of guidelines that can help an organisation's employees detect, respond, and recover from a cybersecurity breach.
- China: The Cyberspace Administration of China, also known as the Office of the Central Cyberspace Affairs Commission, is the central Internet regulator, censor, oversight, and control agency for the People's Republic of China.
- Hong Kong: The Office of the Government Chief Information Officer (OGCIO) ensures that the Government provides the public with information and services they need efficiently and conveniently by using IT appropriately, and supports bureaux/departments to make the best use of IT to achieve their policy objectives.
- India: The National Cyber Coordination Centre (NCCC) is an operational cybersecurity and e-surveillance agency in India.
- New Zealand: National Cyber Security Centre (NCSC) protects and provides incident response for New Zealand’s most significant public and private sector organisations from cyber threats.
- Singapore: Cyber Security Agency (CSA) is the national agency overseeing cybersecurity strategy, operations, education, outreach, and ecosystem development.
PDCA for cybersecurity
Stringent policies coupled with defined processes can help organisations prepare against cyber threats. “Plan, Do, Check, Act” (PDCA) can help get answers to most of the questions and ensure preparedness. PDCA is recognised across industries and by various regulatory and industry bodies for effectively reducing risk. In respect to securing the organisation against cyber threats, International Organization for Standardization (ISO) recommends PDCA as:
- Plan: Establish policies, objectives, processes, and procedures relevant to managing risk and improving information security to deliver results following an organisation’s overall policies and objectives.
- Do: Implement and operate the ISMS policy, controls, processes, and procedures.
- Check: Assess and, where applicable, measure process performance against ISMS policy, objectives, and practical experience and report the results to management for review.
- Act: Take corrective and preventive actions, based on the results of the internal ISMS audit and management review or other relevant information, to achieve continual improvement of the ISMS.
It's an iterative process, and it evolves with new information and stronger processes.
While the regions’ governments are proactive and are educating the public at large, individual and organisational preparedness will help minimise the agony and loss - Is your law firm ready?Disclaimer: The views and opinions expressed in this article do not necessarily reflect the official policy or position of Novum Learning or Legal Practice Intelligence (LPI). While every attempt has been made to ensure that the information in this article has been obtained from reliable sources, neither Novum Learning or LPI nor the author is responsible for any errors or omissions, or for the results obtained from the use of this information, as the content published here is for information purposes only. The article does not constitute a comprehensive or complete statement of the matters discussed or the law relating thereto, and does not constitute professional and/or financial advice.