Babar Khan Javed
Jun 27, 2017

PR reaction mechanism essential for cyberattack victims

Reaction time is a factor and remaining silent is not an option, according to an expert at Ernst & Young.

Gerry Chng, the EY Asean Cyber Security Leader, speaking to the trade press on the newly launched Centers of Excellence at Ernst & Young Singapore. (Source: Ernst & Young).
Gerry Chng, the EY Asean Cyber Security Leader, speaking to the trade press on the newly launched Centers of Excellence at Ernst & Young Singapore. (Source: Ernst & Young).

In a market that is relatively new to emerging technologies, the cybersecurity leader at Ernst & Young in Singapore recommends that all companies must have a response mechanism in place that deals with how to react to any cyber attack, including communication to both internal and external stakeholders. 

On Monday morning, Honda was forced to halt production at one of its Japanese plants following the discovery that its systems were hit with the WannyCry cyber-attack. When the news broke, the company stock price fell from US$ 27.71 to US$ 27.59. The plant in question is just north of Tokyo and produces over 1,000 vehicles a day, including the Honda Accord and the Odyssey Minivan. While other plants have remained unaffected, the situation has become far too common in a new reality where integrated systems require end-to-end encryption to preserve the integrity of business operations.

While the situation could have been prevented had Honda opted to install a policy around authentic software across all plants, similar attacks require much more to prevent harm.

"Essentially if we look at the Ransomware that's been out there, a lot of targeting is based on the malicious malware and it is also targeting vulnerabilities in operating systems or applications," said Gerry Chng, the Asean cyber security leader for Ernst & Young in Singapore. "So one of the key things that organizations and individuals need to do is to make sure their software is updated. That would definitely help in a lot of situations. It won't solve all the possible situations because there could still be ransomware and malware that's been written using vulnerabilities that are yet unknown."

Chng advises companies to develop sensing capabilities that seek to understand what is happening and trying to get in, the resist and protection mechanisms, and the reaction. "In response, it's about 'how do you recover from the damage that has been done?'," he said. "There will also be aspects of corporate communication to go out, especially in today's social-media world. If you remain silent when the whole internet is making speculations, that's where reputation damage can be done and it's very hard to repair."

So, if nothing else, Chng suggests that business should consider and map out scenarios that outline their response mechanism to an attack before it happens. He recommends that companies go through exercises that practice what the company representatives would say and do in the event of an attack.

Related Articles

Just Published

6 hours ago

Tech Bites: Week of October 3, 2022

News from Maxis, Twilio, Dentsu and more.

6 hours ago

Coca-Cola sponsors COP27: Buying its way into ESG ...

SOUNDING BOARD: By cashing in on Coca-Cola's cheque, is COP27 inviting conversation and giving an opportunity for reflection or is the climate change summit becoming a part of the greenwashing problem?

7 hours ago

Women to Watch 2022: Haylie Craig, Colenso BBDO

As a seasoned creative, Craig is a fierce advocate for bold, inclusive work for the betterment of others—particularly those in the queer community.

12 hours ago

Cadbury Celebrations illuminates a hawker's Diwali

Watch the film conceptualised by Ogilvy here.