Local companies have become more proactive in seeking ways to strengthen their organization’s cybersecurity following the recent highly publicized security-related incidents. ePLDT, the digital enterprise enabler of PLDT Inc., however noted that organizations also face implementation issues such as technology complexity, lack of technical expertise, and high cost.
“IT Security in general, and lately with special focus on Cyber security, has become a very big concern among organizations because of the recent data breaches and hacking incidents. Many seek to implement some form of IT security solution or strengthen their existing IT Security framework but at some point, are held back by a number of challenges,” stated Nerisse Ramos, ePLDT Group COO.
Data from the Global State of Information Security Survey 2016 published by PricewaterhouseCoopers (PwC) states that ninety-one percent of organizations worldwide have adopted a risk-based cyber security framework. Moreover, fifty-eight percent of businesses said that they make every effort to ensure they are kept abreast on IT security information.
Applied to the local landscape, Nico Alcoseba, Head of PLDT’s Disruptive Business Group, said that ePLDT noticed that organizations are now more interested in security solutions but at the same time, also have a number of concerns. “First, the complexity of executing IT, particularly cyber security solutions on both the hardware and software levels for an entire network is a big headache on its own. Paired with lack of technical expertise and budgetary constraints, some companies become hesitant in carrying out their plans.”
ePLDT’s Managed Security Solutions addresses the aforementioned challenges by offering security options as a monthly subscription and as a fully managed service which includes the devices, systems, processes, and expertise. This OPEX model creates more options for organizations to grow their businesses without having to worry about CAPEX spending, as well as data and network security issues slowing down innovation. All of these are guided by a security framework based on the National Institute of Standards and Technology (NIST) model, which serves as a guide to identifying risks, and assists enterprises in both assessing their security standing and setting priorities towards improved cybersecurity practices.
As part of its best practices, ePLDT does vulnerability assessment on the client’s infrastructure to uncover vulnerable applications, malware infected machines, exploitable weak points, and easily identifiable sensitive data. This, according to ePLDT, will serve as basis for their recommended security solution for that specific organization. A sample solution might include multiple layers of security such as intrusion prevention systems, firewalls, antivirus, and antispam. Alternatively, a customer premise based security solution managed by ePLDT can also be deployed.
“The threat of cyber attacks risks enterprises from actualizing their potential growth. We do think that everyone is very much aware of the need to secure their enterprises; the education comes in finding and implementing the best practices tailored for the organization’s needs,” noted Alcoseba.
Interestingly enough, the same PwC survey revealed that companies are now embracing more collaborative and strategic initiatives to address security and do away with the threats and risks. Sixty-nine percent of companies use cloud-based security services while fifty-nine percent leverage on big data for cybersecurity.
This, according to ePLDT, is an encouraging insight, but these numbers might not yet be as high in the Philippine enterprise setting. Given the rapid growth in today’s economy and business environment, a robust network and data security solution should be given the utmost priority.
“ePLDT is very serious about protecting your data. Although there is no silver bullet solution that will prevent every determined hacker from targeting your data, we are continuously upgrading both the security technologies and skills. Beefing up our personnel with training, certifications, and expertise ensure that, as more and more customers come in, we have not only the right people, but the right number of people to do the job,” affirmed Alcoseba.
“Protecting the valuable and confidential information stored within databases is vital for maintaining the integrity and reputation of organizations everywhere—not to mention ensuring regulatory compliance. The biggest and most significant impact of a data breach aside from the financial losses incurred, is the loss of trust and confidence from a customer. Much like any insurance plan, you shell out money for something with benefits you don’t immediately feel until an attack happens. Only then will you be thankful that you deployed the right security measures to secure your business,” concluded Ramos.