As digital business models become the norm, enterprises are exponentially generating more data than ever before. As a result, data is the new gold. However, digitization comes with the added risks of cyber threats which potentially could harm the integrity of businesses. On 15th August, Horangi's very own Chief Executive Officer and Founder, Paul Hadjy had an interview with Money FM. They discussed more on this problem and how Horangi helps SMEs by providing affordable cybersecurity.
Cybersecurity challenges for SMEs
As a past member of Palantir and the previous Chief Information Security Officer of Grab, Horangi’s CEO Paul Hadjy is no stranger when it comes to helping Fortune 500 companies implement cybersecurity solutions. Identifying that SMEs lack the budget that bigger companies have, he recognized the opportunity to provide cybersecurity solutions for an under-supported corner of the market.
As a startup owner himself, Paul cites that owners of SMEs first place top priority on helping the business “stay alive”, in addition to having to deal with other salient issues like setting up payroll in the organization. It is, therefore, no surprise that cybersecurity naturally comes up as a secondary problem amongst SMEs.
Smaller organizations also find it challenging to afford a security personnel, resulting in a lack of subject matter expertise in these organizations. What happens is that the Information Technology Departments personnel often doubles up as the cybersecurity personnel. This often leads to a lack of focus and specialization in cybersecurity management capabilities.
This trend becomes alarming as we learn that smaller organizations are just as prone, if not more, to the cybersecurity threats targeting bigger organizations. SMEs are highly susceptible to attackers who go for scale. This rings especially true for SMEs in Singapore, they make up 99 percent of all organizations in the country. SMEs also tend to fall prey to hackers scanning the internet to target organizations that do not spend enough time or money to fix their vulnerabilities online.
Outlook on cybersecurity threats
Known to be the top risk concern of CEOs according to a survey by KPMG in 2018, the cybersecurity threat is not one to be downplayed. Paul further articulates the view that top executives should be concerned with cybersecurity. Just as one would be concerned with physical security, a similar perspective can be applied as companies become increasingly reliant on technology. When asked about his view on why 35 percent of SMEs still do not have cybersecurity protection, Paul is of the opinion that these organizations will soon come to realize the inevitable need for adoption after they experience a cyber attack. Cyber attacks like the SingHealth incident in 2018, has only added visibility of such concerns to the public eye.
Smaller organizations will also recognize that cyber threats pose a “real risk” to them. A statistic shared by Paul claims that 60 percent of SMEs who do face cyber attacks go out of business within that same year. With digital transformation being driven across different industries, he foresees that the attitude of traditional businesses towards cyber risk will change eventually as well.
An added concern is the need to be adaptive in cybersecurity management. On the topic of putting safety measures in place, Paul pointed out that at the end of the day that there is a human on the other end of whatever that is happening. They are the ones with near infinite time to find ways to go around controls set to defend against attacks.
With this in mind, Horangi is highly driven by vigilance and flexibility, making sure that our consultants are aware of the latest happenings in the cyber scene in order to help our clients most effectively. Moreover, being a Software as a service platform, Horangi provides what is known as herd immunity. This means that in real time, customers can and will be protected from incidents that had happened to others previously.
Strategy preparedness as a key for SMEs
When it comes to devising an approach to cybersecurity management for SMEs, Paul’s view is that strategic management buy-in is essential. Even if there is no apparent risk, he deems that it is critical for any organization to have a suitable strategy ready for their organization to address any imminent cybersecurity issue. In fact, he stresses that organizations need not necessarily allocate large amounts of their annual budget for cyber security management. The focus should be on the strategy itself and what it entails.
Horangi’s specialty is building on this very premise that there is no ‘one size fits all’ solution. At the heart of our service lies dedicated consultants who scope and design unique strategies and roadmaps for organizations in different industries and of different sizes. For organizations which already have certain systems in place, Horangi provides an open API which means it can integrate with current solutions. Hence helping the customer save time and money.
Going forward, Paul highlights the importance of raising security awareness through education in order for organizations to “stay ahead of perpetrators”. Staying up to date with how cybersecurity threats can affect your industry is an essential foundation for building up the appropriate domains of knowledge required to address these threats. As part of outreach efforts, Horangi is working with partner groups and organizations to continue educating professionals on the potential cybersecurity risks to their respective industries. In line with this, Horangi’s newly launched initiative, the “Horangi Orange Report’ [August 2018], will serve as a knowledge source on the types of threats seen in Southeast Asia affecting customers in the mid-market or SME space.
With an emphasis on strategy management, Paul hopes to continue developing Singapore and Asia as Horangi’s core markets. This vision is enabled through strengthening regional markets by helping more SMEs build up security best practices in this era of digital change.