Babar Khan Javed
Jun 27, 2017

PR reaction mechanism essential for cyberattack victims

Reaction time is a factor and remaining silent is not an option, according to an expert at Ernst & Young.

Gerry Chng, the EY Asean Cyber Security Leader, speaking to the trade press on the newly launched Centers of Excellence at Ernst & Young Singapore. (Source: Ernst & Young).
Gerry Chng, the EY Asean Cyber Security Leader, speaking to the trade press on the newly launched Centers of Excellence at Ernst & Young Singapore. (Source: Ernst & Young).

In a market that is relatively new to emerging technologies, the cybersecurity leader at Ernst & Young in Singapore recommends that all companies must have a response mechanism in place that deals with how to react to any cyber attack, including communication to both internal and external stakeholders. 

On Monday morning, Honda was forced to halt production at one of its Japanese plants following the discovery that its systems were hit with the WannyCry cyber-attack. When the news broke, the company stock price fell from US$ 27.71 to US$ 27.59. The plant in question is just north of Tokyo and produces over 1,000 vehicles a day, including the Honda Accord and the Odyssey Minivan. While other plants have remained unaffected, the situation has become far too common in a new reality where integrated systems require end-to-end encryption to preserve the integrity of business operations.

While the situation could have been prevented had Honda opted to install a policy around authentic software across all plants, similar attacks require much more to prevent harm.

"Essentially if we look at the Ransomware that's been out there, a lot of targeting is based on the malicious malware and it is also targeting vulnerabilities in operating systems or applications," said Gerry Chng, the Asean cyber security leader for Ernst & Young in Singapore. "So one of the key things that organizations and individuals need to do is to make sure their software is updated. That would definitely help in a lot of situations. It won't solve all the possible situations because there could still be ransomware and malware that's been written using vulnerabilities that are yet unknown."

Chng advises companies to develop sensing capabilities that seek to understand what is happening and trying to get in, the resist and protection mechanisms, and the reaction. "In response, it's about 'how do you recover from the damage that has been done?'," he said. "There will also be aspects of corporate communication to go out, especially in today's social-media world. If you remain silent when the whole internet is making speculations, that's where reputation damage can be done and it's very hard to repair."

So, if nothing else, Chng suggests that business should consider and map out scenarios that outline their response mechanism to an attack before it happens. He recommends that companies go through exercises that practice what the company representatives would say and do in the event of an attack.

Related Articles

Just Published

1 day ago

Purpose, laughs, and boppable tunes: Spikes jury ...

SPIKES ASIA X CAMPAIGN: Presidents and members of several Spikes Asia juries share the top trends they spotted in the jury Zoom rooms, with video examples.

1 day ago

Crash Course: How to tell engaging short-form stories

To round off a week of creativity-themed content during Spikes Asia X Campaign festival, this Crash Course provides useful tips on how to build story arcs and create thumb-stopping campaigns for short-form.

1 day ago

Lessons from Tesla, Apple and yoga (yes, yoga) in ...

SPIKES ASIA X CAMPAIGN: Creatives need to drive relevance for sustainable options, instead of virtue-signalling about sustainability, argues Gulshan Singh of FCB Interface.

1 day ago

Spikes Asia Awards 2021: Campaign's contenders 3

As the juries make their final selections ahead of the March 1 winners announcement, Campaign Asia-Pacific's editorial team has once again scoured through the 2021 shortlist to pick out the work we expect to win.