Connect with us

Business

Webinar on ‘Security of Information Assets: What the Board Needs to Know’

Published

on

The Sri Lanka Institute of Directors (SLID) together with EY organized a webinar, moderated by Manil Jayasinghe-Partner, EY on “Security of Information Assets: What the Board Needs to Know” recently to update the knowledge and understanding of Board members on the increasing cyber security risks and threats to information assets of an organization brought about by the rapid wave of digitalization and resulting changes in the way organizations work in response to the on-going pandemic.

The webinar also discussed strategies and best practices on how best to mitigate these risks in securing information assets while ensuring business continuity, loss minimization and quick, safe recovery in the event of a breach. The keynote address was delivered by Dileepa Lathsara-CEO, TechCert and the panel comprised of eminent tech and business leaders Madu Ratnayake-Executive Vice President, CIO/GM Virtusa and D. Soosaipillai-INED of Listed Companies.

“It is important to define what information assets are so that security can be provided to those assets. Contrary to the misconception that information assets are only the application systems or the systems where staff work on and the data that resides on those systems, information assets include supporting infrastructure such as switches, patch panels, routers, servers and all other equipment, and application systems including confidential corporate information in those systems. It is also important to identify where corporate information is stored and who has access to it” said Dileepa Lathsara-CEO, TechCert.

“Boards should get involved in handling cyber security risk by firstly setting a security tone for the organization so that everyone takes security seriously and also ensure that the required resources are made available. Boards can focus on the actual requirements of information security by adopting and adhering to security frameworks, standards, acts and directives such as NIST and ISO27000 series, PCI-DSS rather than having the IT security team re-invent the wheel” he added.

He further stated that cyber security should be incorporated into the digital transformation chain and should not be a mere afterthought to be plugged in at the end. Cyber accountability is also important in that it is the organization’s ability to demonstrate that they have good cyber hygiene to ensure, in case of an eventual attack, the ability to track back to a unique event/person or group responsible with admissible evidence which also aids in quick rectification and recovery. Dileepa also emphasized that it is important to make informed and optimal investments in cyber security mitigation which can be calculated preferably as Annualized Loss Expectancy (ALE) as against ROI since security is about loss prevention and not about earnings where ALE is calculated as the cost of a security incident x chance that the incident will occur in a year.

Panelist Madu Ratnayake said that it is essential and fundamental to have the right people in the security team led by a CISO (Chief Information Security Officer) and that cyber security is a journey and not a destination as security is evolving. The Boards should comprise of members who have expertise on security given that most companies are going digital and the risk becomes crucial.

Panelist D. Soosaipillai said that the first thing is to find a security standard to be adopted in the organization without which there will be limitless spending on security without knowing what the benefits are. The organization should have a security vertical such as a CISO or IT Security, which is where the Boards will look at to establish ownership for IT security. He also suggested that Board does regular, if not half yearly Vulnerability Assessment and Penetration Testing (VAPT) by external 3rd parties into the systems/security matrix of the organization.



Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

INSEE Ecocycle to provide waste management solutions for Galle Analytical Lab

Published

on

Signatories to the agreement were Mrs. Dharshani Lahandapura, Chairperson and Dr. P.B. Terney Pradeep Kumara, General Manager, MEPA and Sanjeewa Chulakumara, Director of INSEE Ecocycle Lanka (Private) Limited together with senior officials from both organisations

INSEE Ecocycle, the nation’s pioneer in sustainable waste management has joined hands with the Marine Environment Protection Authority (MEPA), the apex body established to prevent, control and manage pollution in Sri Lanka’s marine environment, to provide Sustainable Integrated Waste Management Solution for the MEPA’s Galle analytical laboratory recently.

Prior to the agreement, no sustainable solution for analytical laboratory waste and chemical waste existed in the country. This hazardous waste was accumulated at laboratory premises or due to misconduct, was discharged into the open environment such as drains, soil or natural water streams etc. As a result, possible environmental impacts such as soil acidification or soil alkalization, eradication of aquatic plants and animals, possible ground water contamination, acid rains and ozone depletion could have taken place.

Similarly devastating human health impact such as skin cancers, liver damage, blindness, neurological disorders, adverse pregnancy outcomes and bioaccumulation were also a possibility.

Commenting on the agreement Sanjeewa Chulakumara noted, “INSEE Ecocycle is proud to partner with MEPA for analytical laboratory waste management and we highly appreciate the commitment and the passion of the senior management of MEPA for this collaborative sustainable initiative, which is a great example to other government institutions in the country as well.”

Continue Reading

Business

94% of consumers in APAC considering the use of emerging payment methods: study

Published

on

As a result of the pandemic, enthusiasm for a broader range of payment technologies has accelerated in the Asia Pacific region as 94% of people say they will consider using at least one emerging payment method, such as QR codes, digital or mobile wallets, installment plans, cryptocurrencies, biometrics and others, in the coming year. This is according to the Mastercard New Payments Index conducted across 18 markets globally, including India, Australia and Thailand, which reveals that 84% of consumers in APAC already have access to more ways to pay compared to one year ago. Of note for entrepreneurs, 74% of respondents said that they would shop at small businesses with greater frequency if they offered additional payment options.

“Mastercard’s study finds that people in the Asia Pacific region haven’t just adopted new payment technologies—they’ve made deliberate shifts based partly on necessity, but also on considerations around personal safety, security and convenience, at a time when these concerns were paramount,” said Sandeep Malhotra, Executive Vice President, Products & Innovation, Asia Pacific, Mastercard. “Consumers in Asia Pacific have already gained recognition globally for their openness to new technologies and innovation, and these findings confirm that this trend is only set to continue as more digital payment options rapidly become mainstream in this part of the world.”

About Mastercard (NYSE: MA), www.mastercard.comMastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.

 

 

Continue Reading

Business

ASPI skyrockets to reach 3 ½ weeks high

Published

on

Turnover recorded at a healthy level at Rs. 2.7bn

Bourse premiered the week shooting the index remarkably high to reach a 3 ½ weeks top. ASPI displayed a stepped upward trend and surged in the first hour of trading followed by a sideways movement during mid-day and ended with a gradual uptrend to close at 7,350 gaining 122 points.

Turnover was recorded at a healthy level at LKR 2.7Bn powered by the active retail participation. Food, Beverage & Tobacco sector dominated the turnover closely followed by the Capital Goods sector to generate a joint contribution of 50%. Foreign investors remained net sellers while recording low participation.

-First Capital Research

 

 

Continue Reading

Trending