Academics and businesses must fight cybercrime together
Companies must share insights with academics to help shape the cyber defence generation of tomorrow
This year's cyber attack on SingHealth has elevated the threat of cybercrime into mainstream consciousness here.
And as cyber attacks become a boardroom matter, there is an urgent need for professionals with the right knowledge.
It is time for academics and industry to work together closely to fight this threat.
There were an unprecedented number of hacks, leaks and data breaches here last year, with more predicted for this year.
And when pitted against small to medium-sized enterprises, hard-pressed to staff internal cyber security teams, the attackers are conversely well-funded, organised and resourced.
These attackers are becoming more creative in their methods with no two attacks the same.
They spend time researching a specific target and developing tailored malware technology and are driven by deep understanding of human nature.
For business schools to prepare students to quantify and manage cyberrisk, academics must combine technological know-how with real-world insights.
This means collaborating with corporations more closely than ever before. Yet, there are roadblocks to be addressed first.
Businesses are on the frontline when it comes to the multi-dimensional world of cybercrime, and their first-hand experiences can help academics keep their research and curriculum ahead of the curve - if they communicate with each other.
But they are also driven by profit margins, looking at what solutions will bring maximum results with minimum resources.
Monitoring, projecting and reporting real-world cases, data, trends and observations back to academia takes time.
Meanwhile, academic institutions have long been hampered by restrictions around research tenures and paper topics standing in the way of innovation.
To fight this global threat, we must incentivise businesses to share insights while empowering academia with the funding and support to apply a broader, more informed and long-term view to the challenge.
The global cost of cybercrime (which may be as much as US$600 billion a year), can be viewed as the multiplicative product of three components: the number of threats, vulnerability and monetary impact.
However, most companies are investing only in addressing their own vulnerability, rather than containing the rising number of cyberthreats.
A cyberbreach is nearly always considered a job for the IT professionals, and this is the mentality we need to change.
The senior management within a company must not see cyber security as solely an IT issue, but as a vital part of corporate risk management. Senior management and the board must understand the threat landscape, the geopolitical climate and data protection strategies.
Responsibility must be extended to every employee. One careless worker is an open door for hackers to exploit. It is only by working in close collaboration with industry experts that academics can appropriately shape the cyber defence generation of tomorrow.
For Singapore to continue as a leading financial centre, investor confidence needs to be assured.
In the case of cybercrime, academics and industry bodies need to come together for us to have a chance of combating this omnipresent threat.
This is an edited version of an article that appeared in The Business Times yesterday.