Cybersecurity threats mount in assessment for next year

Against the backdrop of such threats, so-called cyber resilience is expected to firm up as a key trend in 2018.
Prinya Hom-Anek, chief executive of ACIS Professional Centre, said cyber threats pose a great danger to the privacy of individuals and businesses in the digital era.
Prinya said the top five cybersecurity trends and threats in 2018 will be: cyber resilience; hidden personal data privacy threats on mobile, cloud and social media services; cloud security and privacy; the transition to a data-driven economy; and the increased risk of hacking into Internet of Things (IoT) devices.
ACIS describes cyber resilience as an evolving perspective that is rapidly gaining recognition. The concept brings together the areas of information security, business continuity and organisational resilience.
The objective of cyber resilience is to maintain the an ability to deliver an intended outcome at all times – even when regular delivery mechanisms have failed, such as during a crisis and after a security breach. The concept also includes the ability to restore regular delivery mechanisms after such events as well as the ability to continuously change or modify these delivery mechanisms if needed in the face of new risks, ACIS said. Backups and disaster recovery operations are part of the process of restoring delivery mechanisms.
Prinya said cyber resilience helps businesses to recognise that hackers have the advantage of innovative tools and the element of surprise.
This concept helps business to prevent attacks and, if they occur, to recover the system to a secure state. “This is a cultural shift as the organisation sees security as a full-time job and embeds security best practices in day-to-day operations,” Prinya said. “In comparison to cyber security, cyber resilience requires the business to think differently and be more agile on handling attacks.”
However, the Bank of Thailand is seeking to develop a cyber-resilience engineering framework to support financial institutions so that they will able to protect their banking systems from hackers. The framework will also able to protect the financial instructions and advance the cyber security of the country.
Under the hidden threats to personal data privacy on mobile, cloud and social media services, offenders are able to access personal data from users of mobile-banking services.
 Cloud security and privacy is seen as top priority because of an increase in the volume of sensitive and high impact corporate data leakages via shadow IT and enterprise clouds. Meanwhile, cloud data governance will be a big issue for enterprises, ACIS said.
“The shift to a data economy means organisations succeed or fail based in large part on their ability to leverage data and analytics to improve operational efficiencies, to make better tactical and strategic decisions, and to create innovative products, services and business models to meet customer expectations,” Prinya said. “It is also a connected economy in which partners and competitors alike share data and integrate business processes where the resulting benefits to overall markets, the enterprises themselves and customers outweigh the risks of such collaboration”.
Regarding the hacking of IoT systems, ACIS says this poses an emerging threat to critical infrastructure that can cause losses to the manufacturing sector.