Babar Khan Javed
Jun 27, 2017

PR reaction mechanism essential for cyberattack victims

Reaction time is a factor and remaining silent is not an option, according to an expert at Ernst & Young.

Gerry Chng, the EY Asean Cyber Security Leader, speaking to the trade press on the newly launched Centers of Excellence at Ernst & Young Singapore. (Source: Ernst & Young).
Gerry Chng, the EY Asean Cyber Security Leader, speaking to the trade press on the newly launched Centers of Excellence at Ernst & Young Singapore. (Source: Ernst & Young).

In a market that is relatively new to emerging technologies, the cybersecurity leader at Ernst & Young in Singapore recommends that all companies must have a response mechanism in place that deals with how to react to any cyber attack, including communication to both internal and external stakeholders. 

On Monday morning, Honda was forced to halt production at one of its Japanese plants following the discovery that its systems were hit with the WannyCry cyber-attack. When the news broke, the company stock price fell from US$ 27.71 to US$ 27.59. The plant in question is just north of Tokyo and produces over 1,000 vehicles a day, including the Honda Accord and the Odyssey Minivan. While other plants have remained unaffected, the situation has become far too common in a new reality where integrated systems require end-to-end encryption to preserve the integrity of business operations.

While the situation could have been prevented had Honda opted to install a policy around authentic software across all plants, similar attacks require much more to prevent harm.

"Essentially if we look at the Ransomware that's been out there, a lot of targeting is based on the malicious malware and it is also targeting vulnerabilities in operating systems or applications," said Gerry Chng, the Asean cyber security leader for Ernst & Young in Singapore. "So one of the key things that organizations and individuals need to do is to make sure their software is updated. That would definitely help in a lot of situations. It won't solve all the possible situations because there could still be ransomware and malware that's been written using vulnerabilities that are yet unknown."

Chng advises companies to develop sensing capabilities that seek to understand what is happening and trying to get in, the resist and protection mechanisms, and the reaction. "In response, it's about 'how do you recover from the damage that has been done?'," he said. "There will also be aspects of corporate communication to go out, especially in today's social-media world. If you remain silent when the whole internet is making speculations, that's where reputation damage can be done and it's very hard to repair."

So, if nothing else, Chng suggests that business should consider and map out scenarios that outline their response mechanism to an attack before it happens. He recommends that companies go through exercises that practice what the company representatives would say and do in the event of an attack.

Related Articles

Just Published

52 minutes ago

How Giant gives the people what they want: $16 ...

Dairy Farm’s Southeast Asia marketing chief on the radical idea of permanently lowering prices and going against hype- and promotions-driven marketing.

53 minutes ago

Can Japan recognise strength in diversity?

Japan’s concept of what it means to be Japanese remains overly narrow. But some signs point to more inclusion and acceptance of diversity in background, mindset, struggles and choices, writes the co-CEO of Yuzu Kyodai.

1 hour ago

Cathay Pacific tries to give vaccination rates a ...

The airline encourages staff and Hong Kong people to get their jabs so they can get flying again.

2 hours ago

Women Leading Change Awards shortlist revealed

See the women and companies shortlisted for the fifth annual awards, the winners of which will be announced on June 8.