Cyber Security World Asia 2022: Data Privacy Challenges in the Travel Industry with Eurocontrail Secure's Serge Christiaans
Q: What do you feel is the biggest cybersecurity challenge facing businesses within the next year? What impacts does this challenge have? And how can we overcome this challenge?
My viewpoint is typically from the SME perspective. Their cyber security maturity is often more challenging due to lack of resources, funds and awareness. If you combine this with the huge amount of data breaches today, and the fact that most SMEs are not resilient enough to withstand a data breach, then I’d say that loss of private data is their biggest business risk for the foreseeable future.
Overcoming this challenge means taking at least your basic cyber hygiene serious. Train your human firewall - your precious employees - and find a way to increase the digital literacy of the leadership. The latter is continuously being ignored, but as long as they think that cyber security is an IT problem, and that threat actors will surely not attack their company, then there is work to do.
Q: Do you have your eye on any specific technology or cybersecurity strategy that can help an organisation protect themselves from cyberthreats, and why?
I see that there is a structural over-reliance on the technology stack. Technology cannot solve everything. There are people and processes that need careful attention when securing your company, too. My strategy for my clients is always holistic and end to end, and I love to use the people, process and technology (PPT) framework for that.
Q: Data privacy is a huge concern for businesses across many industries, including travel. What are some common threats to data privacy and how do you go about tackling them?
The risk of losing private data of your customers is very real today, with a highly active and well organised global criminal ransomware community out there. The statistics show that many ransomware on SMEs are successful. Unfortunately, they also show that many breached SMEs are not resilient enough to withstand such an event and are out of business soon afterwards.
Q: What would be your biggest piece of advice for fellow CISOs and cybersecurity professionals who are looking for answers to protect their organisation?
One of my mantra’s is 'cyber security is teamwork'. Team up with your industry peers, learn from each other, and share experiences. While we are at it, take your DPO or data privacy team with you. You all have a common responsibility to keep private data secure.
Q: What do you feel is the value of in-person events like Cyber Security World Asia, and why would you encourage fellow business leaders to attend your sessions?
Since cyber security is teamwork, networking and getting to know your CISO peers is essential, and events like Cyber Security World Asia facilitate that in a pleasant and professional atmosphere.
Serge will lead a session on Data Privacy Challenges in the Travel Industry, and will also be part of a panel session on the CISOs Manual: Protecting Your Organisation Amidst the Evolution of Cyber Attacks with experts from Bukalapak, Menlo Security, and CrowdStrike at Cyber Security World Asia 2022.