- Aug 12, 2022
- 2 min read

Cyber Security - what is it and why is it important?

Cyber Security is:

The practice of protecting the confidentiality, integrity, accessibility and availability (e.g. unauthorised access, theft, damage or disruption) of critical systems (that may include hardware, software, digital systems, networks, devices) and sensitive data . It involves the application of technologies, processes and controls to prevent, protect, mitigate and recover from the impacts of cyber attacks.

Why is Cyber Security Important?

Cyber Security has become a top concern for businesses of all sizes in recent years. With the increasing number of cyber threats, such as data breaches, ransomware attacks, and phishing scams, it is imperative for businesses to prioritise cyber security and put in place cyber security measures. Let us discuss why cyber security is essential for businesses:

1) Cyber security can help protect your assets and data:

Cybersecurity is essential for businesses because it helps them protect their assets, intellectual property and data. Businesses handle vast amounts of sensitive or confidential data, including financial data, personal data, customer information, and trade secrets. A cyber security breach can result in the exposure, theft and misuse of these data which can cause significant harm to the business and its stakeholders. This may be in the form of reputation and financial damages (fines and lawsuits), loss of intellectual property, competitive advantage etc.

2) Cyber security ensures business continuity:

Cyber attacks can disrupt a business' operations which can result in system downtime, lost productivity and opportunities. Business can introduce cyber security measures such as discovery recovery planning and redundancy / failover mechanisms to ensure critical systems and applications remain operational in the event of a breach. This helps ensure business continuity.

3) Cyber security is needed for compliance:

Cyber security is essential to comply with standards imposed by company and government laws and regulations. Failure to meet with these requirements can result in significant financial penalties and legal liabilities, which can have a detrimental impact on a business's reputation and financial stability. Many industries have specific regulations and standards that require businesses to implement adequate cyber security measures. This may include the following:

For the Financial Industry - Regulatory Body: Monetary Authority of Singapore: Technology Risk Management (TRM) and Cyber Hygiene Notices Outsourced Service Provider's Audit Report (OSPAR) - audit report on how OSPs are to maintain the same level of risk awareness and management for cyber security risks as banks For the Healthcare Industry - Regulatory Bodies: Health Science Authority (HSA), Ministry of Health (MOH): Healthcare Cybersecurity Essentials For the Infocomm and Media Industry - Regulatory Body: Infocomm Media Development Authority: Codes of Practice For Government Agencies - Smart Nation and Digital Government Office (SNDGO): Government's Personal Data Protection Laws and Policies Digital Service Standards (Jul 2020) - guides agencies to implement their digital services to meet the Digital Government Blueprint goal. All public-facing digital services of the Government must meet the DSS Third Party Management Framework (Apr 2020) Generic, for All Personal Data Protection Act (PDPA) Regulations - Regulatory Body: Personal Data Protection Commission Singapore Code of Practices - Information Infrastructure - Regulatory Body: Cybersecurity Agency of Singapore

For the Financial Industry - Regulatory Body: Monetary Authority of Singapore:

Technology Risk Management (TRM) and Cyber Hygiene Notices
Outsourced Service Provider's Audit Report (OSPAR) - audit report on how OSPs are to maintain the same level of risk awareness and management for cyber security risks as banks

For the Healthcare Industry - Regulatory Bodies: Health Science Authority (HSA), Ministry of Health (MOH):

Healthcare Cybersecurity Essentials

For the Infocomm and Media Industry - Regulatory Body: Infocomm Media Development Authority:

Codes of Practice

For Government Agencies - Smart Nation and Digital Government Office (SNDGO):

Government's Personal Data Protection Laws and Policies
Digital Service Standards (Jul 2020) - guides agencies to implement their digital services to meet the Digital Government Blueprint goal. All public-facing digital services of the Government must meet the DSS
Third Party Management Framework (Apr 2020)

Generic, for All

Personal Data Protection Act (PDPA) Regulations - Regulatory Body: Personal Data Protection Commission Singapore
Code of Practices - Information Infrastructure - Regulatory Body: Cybersecurity Agency of Singapore

4) Cyber security promotes stakeholder confidence:

In today's digital age, the security of personal information has become a paramount concern for everyone as exposure can make individuals/businesses vulnerable to cyber attacks and other forms of malicious activity. Businesses that prioritise cyber security and invest in robust security measures demonstrate a strong commitment towards protection of data and the interest of its stakeholders. This not only helps to promote trust among stakeholders but also instills confidence towards the business as a whole.

5) Cyber security can help minimise the impact (financial and reputational) of cyber attacks:

Despite the best efforts of businesses, cyber attacks may still occur which may result in significant costs (fines, remediation, legal costs ) and lost business opportunities (downtime, damaged reputation and lost of trust). The impact would be detrimental to any business and may take a long time to repair or recover from. Cyber security can deter cyber attacks and enable businesses to identify threats, respond and recover quickly from cyber attacks, thereby reducing its overall impact.

In conclusion, the prevalence and complexity of cyber attacks have made cyber security a top priority for businesses. By prioritising cyber security, businesses can mitigate risks, maintain business continuity, and safeguard their valuable assets and reputation.