No Match Found
View this page in: 繁體中文版
Hong Kong, 2 December 2020 – The switch to remote working has seen a spike in cybersecurity incidences increase by ten times. The lapses in security are mainly due to lack of basic hygiene such as misconfiguration of VPN and firewall, and outdated software. To better protect oneself from cyberthreats, it is all about securing the basics, which is also the theme of PwC's second HackaDay Cybersecurity Conference.
In 2020 alone, PwC Hong Kong helped clients respond to over 30 cases of active breach or network intrusion. The firm’s clients range from telco to airline subsidiaries to Hong Kong-based international conglomerates. The work involved end-to-end incident response cycle, from containment to threat hunting to post-incident security uplift.
“From over 300 techniques documented by PwC’s cyber team, we’ve learnt that the recurring patterns of these attacks include both front door break-ins like leaked credentials or exposed ports, and lack of internal monitoring like remote access and data sharing,” said Kok Tin Gan, PwC Hong Kong Cybersecurity and Privacy Partner.
Rapid changes in technologies and remote working due to COVID-19 had significant impact on organisations’ attack surface, providing opportunities for threat actors. Hackers are deploying both evolving and recurring tactics:
To cope with the rapidly growing threats, PwC is introducing Purple Teaming solution which enables iterative attack simulation and remediation to drive rapid risk reduction. The solution starts from gaining a threat-focused understanding of the organisation’s cybersecurity posture, to remediating security weaknesses as soon as they are identified. With Purple team in place, PwC professionals can iteratively improve protection, detection, and response capabilities, then ultimately increase the cost to an attacker of a compromising cyber environment.
Running concurrently with the Cybersecurity Conference is PwC’s annual Capture the Flag competition for undergraduate students in Hong Kong and Macau. It serves as a platform to raise the competency level of new talents to better prepare them for a meaningful career in cybersecurity.
“Students are the future of a company’s cybersecurity defence. We pride ourselves in helping to nurture these local talents which aligns with our PwC’s purpose of building trust in society and solving important problems,” said Felix Kan, PwC Hong Kong Cybersecurity and Privacy Partner.