PHL firms should strengthen cyber resilience as attacks rise

By Aubrey Rose A. Inosante, Reporter
PHILIPPINE COMPANIES should invest in improving their cyber resilience amid growing ransomware attacks instead of paying the price asked for by fraudsters, an official of information technology management software provider ManageEngine said.
“There is no real guarantee that even if you pay today, some of them end up getting only partial information. If there is a ransomware attack, you should try to avoid paying the attacker,” Arun Kumar, Regional Director at ManageEngine, told BusinessWorld via video call on Aug. 2.
Citing data from cybersecurity firm Kaspersky, he said the Philippines saw the fourth-highest number of ransomware attacks on businesses in Southeast Asia, with 15,312 blocked ransomware incidents in 2023.
Mr. Arun said there are cyberattackers who sell ransomware as a service for as little as $40 to fraudsters who don’t have coding knowledge and background.
Building a cyber resilient model proactively to prevent future business interruptions could go a long way for firms, he said.
“Do a proper audit and find out potential vulnerabilities you have in your infrastructure. Have a very good data backup in place and periodically store data in case there is an attack, so you’ll be able to recover by having the right recovery process,” he said.
Mr. Arun added that employees should also be trained on the latest technology trends, especially on handling personal and customer data and reporting potential threats.
Companies should integrate cyber resilient practices with cybersecurity measures, he said.
Ransomware has been one of the most common attack methods for the last 10 years and awareness is also improving, but there are still weak links in areas like data storage, password protection, and the use of personal devices, Mr. Arun said.
He also highlighted the need for a good e-mail filtering system as ransomware usually starts with phishing attacks.
“You also must audit every device in your infrastructure. It could be your own laptop, mobile, servers, applications, and infrastructure devices like routers, switches, firewalls. Applications have to be monitored and audited periodically,” he said.