Singapore residents are the world’s most trusting of their government organisations. Half of those surveyed by digital security firm Imperva said they completely trust government organisations to keep their sensitive information absolutely private. This is much higher than the global average of 29%.
Retailers and online gaming are perceived to be the least trustworthy in keeping private information safe. Only 4% of the Singapore respondents from Imperva’s No Silver Linings report trust these two groups, similar to global figures.
With 49% of Singapore respondents saying that they would stop using a company’s services following a serious data breach, organisations must rethink their approach to data security.
“Most organisations remain traditional in their approach, focusing on decades-old security controls like Data Loss Prevention (DLP), perimeter controls, and endpoint protection, without sufficient awareness of the need to pivot their security strategy to one that’s centred around data,” George Lee, regional VP of Imperva Asia Pacific and Japan tells DigitalEdge Singapore.
He adds that organisations have historically paid little attention to the database security domain. Instead, they had their security teams monitor the small segment of the data estate that ensured regulatory compliance.
“This strategy is no longer sound when you consider the expansive data estates organisations are managing in increasingly complex environments. To mitigate potential security risks, enterprises need to make data security − not just compliance − the core objective of their security strategy.”
See also: Tesla Cybertruck to go on tour in China to burnish tech cred
“Securing data at its source and understanding how it’s accessed and used is vital for identifying anomalous data access and then taking action before large-scale breaches happen,” he says.
Besides that, Lee highlights the need to guard against insider threats. Recent research commissioned by Imperva and conducted by Forrester reveals insider threats to be the cause of 58% of incidents that negatively impacted sensitive data in the last 12 months. Yet, 59% of organisations in Asia Pacific do not prioritise insider threats as they do with external threats.
To that end, he advises organisations to adopt Zero Trust. “[By] proactively following Zero Trust principles to address insider risk and diligently adopt the time-tested principle of defence-in-depth, [organisations can] protect themselves from the edge to applications to the data itself.”
“An effective data security strategy today must go beyond traditional DLP and endpoint protection to include monitoring, advanced analytics, and automated response to prevent unauthorised, accidental, or malicious data access,” he states.