Managing Personal Data and Cybersecurity Risks

Here are our key takeaways from the session:

Cybercrimes are more common than we think they are. Even for manufacturing companies.

– Manufacturing companies hold many sensitive and critical information. For examples, employees’ data, customers’ information (such as contact details, technical drawings, product specifications), financial transaction records, and many others.

– There were 137 cases of “Ransomware” attack reported to CSA in 2021. It is a 54% increase compared to 2020. The cases mostly affected SMEs from sectors such as Manufacturing and IT. Not all cases were reported.

– Under PDPA, organisations are required to designate at least 1 individual as the Data Protection Officer (DPO) to oversee data protection responsibilities and ensure compliance with PDPA.

– Companies who wish to review and enhance their cybersecurity are encourage to:

1) Collaborate with reputable cloud platforms

2) Perform an internal controls review (using Cyber Security Agency’s Cyber Security Essential “CSE” requirements and/or IMDA’s Data Protection Essential “DPE”.

3) Leverage a professional IT Managed Services partner to support their IT needs


To end it off, the question is “Not If, But When”.

When things go wrong, companies will have to react quickly and decisively.

Therefore, it is important to be prepared and put in place the necessary internal processes and infrastructure early to guide the subsequent response.

PS…it goes beyond having antivirus software.