Managing Cyber Risks in a Digital Workspace

ASPRI x AiSP CAAP Awareness Workshop: Managing Cyber Risks in a Digital Workspace

 

12 October 2020, Singapore - As more and more companies are adopting work-from-home (WFH) arrangements, people’s dependence on technology and the Internet increases significantly. While they allow us to easily correspond and communicate with our colleagues and business partners, they also pose a threat in the form of cyber-attacks.

To help increase the awareness on the various cybersecurity risks amongst their members, ASPRI has partnered with the Association of Information Security Professionals (AiSP), in conjunction with their Cybersecurity Awareness and Advisory Programme (CAAP) to organise a webinar titled, “CAAP Awareness Workshop: Managing Cyber Risks in a Digital Workspace”.

Mr Steven Nah, Co-Lead of ASPRI’s Digitalisation, Innovation and Technology Adoption (DITA) Work Group and Treasurer of ASPRI’s 13th Executive Council, opened the webinar by sharing his thoughts on how the Internet has not only become a tool that everyone uses to connect with their family and friends but also how it is integral in everyone’s work life. Mr Nah then invited Mr Tony Low, Co-Chair of AiSP CAAP to begin his presentation.

Mr Low broke down the benefits and risks of using cloud services such as iCloud, Google Drive, Google Photos and other services. He highlighted that COVID-19 has accelerated the adoption of such cloud services amongst businesses. This is because users can access their files from anywhere. Cloud services also negate the need for complicated physical storage devices that take up space in the office or home. However, cloud services also pose risks such as data privacy, insider threats and compliance violations.

In the second part of his presentation, Mr Low highlighted the need for people to use strong passwords for their various programs. He advised attendees not to use the same password for every single service. Users should also not use their personal information – such as name, birthday and mobile number as their password. It is recommended that users use special characters such as punctuation marks to make it harder for attackers to guess their passwords.

In the last section of his presentation, Mr Low explained what the term “Social Engineering” means. Social Engineering occurs when someone develops personal relationships and uses them as a tool to gain access to protected information or material. This can be done by eavesdropping on conversations, peering over one’s shoulder to view passwords or even reading confidential documents left out in the open on a desk or workstation.

After Mr Low’s presentation, a Q&A session was conducted where ASPRI members took the opportunity to clarify their concerns and doubts. Finally, the webinar was concluded with a quick photo-taking session to commemorate the event.

ASPRI would like to express our gratitude to our members and AiSP for making this webinar possible. We hope you found it to be beneficial and insightful; and that you have a better understanding of the various cyber-attacks and the measures we can take to prevent them.

Resources:

  1. Presentation slides by AiSP
  2. Webinar recording by ASPRI