Hong Kong is a aim for cybercrime – a hazard that will grow, contend risk advisory experts. Technology crimes caused an estimated financial detriment of HK$1.8 billion final year, a 50 per cent boost from 2014.
“Hong Kong was ranked a ninth many targeted economy for cybercriminals in a banking zone for a initial entertain of this year,” says Ricky Cheng, executive of risk advisory services during BDO.
Hong Kong is targeted by organized cybercriminals, says Eugene Ha, emissary handling partner during Grant Thornton. “Illegal activities always follow a money. Even yet a series of cybercrime cases has not drastically increased, financial waste from cybercrime have increasing by 50 per cent.”
Control and governance are a pivotal factors in combating cybercrime. In May, a Hong Kong Monetary Authority (HKMA) launched a Cybersecurity Fortification Initiative (CFI), a pierce welcomed by professionals.
The CFI provides discipline for banks to follow, according to their distance and scope.
“It allows banks to weigh their existent confidence standing opposite a horizon so as to approve with a HKMA standards. The horizon also provides a common language/protocol for all stakeholders to promulgate some-more effectively,” Ha says.
“The HKMA has tested a H2O in a banking sector,” Cheng adds.
At a corporate level, there is a flourishing recognition of a threats posed, Ha says. “A few clients have indicated that their IT bill for confidence and risk government would not diminution and some even pronounced that they would try to allot some-more supports from other areas. Most firms have implemented their possess confidence insurance – multilayer firewalls, penetration showing system, antimalware systems and information detriment impediment systems are common among Hong Kong enterprises.”
People and processes are equally critical in insurance from “backdoor” cyber attacks, Cheng says. “Investing [solely] in hazard and showing systems might not entirely strengthen organisations from elaborating cyber attacks. Awareness training can be a some-more effective approach to equivocate this form of attack.”
This is an area that firms in Hong Kong have traditionally invested too small in, according to Ha.
“We are looking brazen to saying some-more companies investing in enhancing a technical skills of a IT team, as good as a staff recognition of cyber confidence and a corporate governance of a management,” he says.
To residence this, a CFI has introduced a Professional Development Programme (PDP) and a Cyber Intelligence Sharing Platform (CISP). The PDP offers modernized skills for competent confidence professionals, Ha says.
It points to a some-more postulated and long-term answer to a issue. “With this form of training and acceptance programme, a supply of competent professionals in cybersecurity will increase,” he adds.
CISP is a height for banks to stay sensitive of what is function opposite a region. “Even yet it is now limited to a users from HKMA, military and a banking sectors, we expect it will be extended to other financial institutions,” Cheng says.
Banks should start scheming for a new policies by training staff, Ha adds. “Other enterprises should acquire this CFI, as it lays a substructure of a cybersecurity insurance horizon for all.”