There has been a recent surge in cyberattacks and data breach incidents in the Hong Kong Special Administrative Region (SAR). In January, the University of Hong Kong was reported to have experienced a data breach where the personal data of as many as 7,400 students, academic visitors and programme applicants may have been leaked. Hong Kong business park Cyberport also experienced a data leak recently when an international hacking group infiltrated their system and stole up to 400GB of confidential documents. The hackers demanded a ransom, which Cyberport refused to pay and, as a result, the data was eventually leaked on the dark web. According to various reports, the leaked information included Cyberport’s financial reports, loan status, and employee data. This incident generated widespread discussion and debate, and reminded the public how vulnerable we are as we learn to adapt to the digital space.
Rebuilding trust and recovering from reputational damage takes time and resources. That’s why investing in proactive measures and having a robust cyber incident response plan is not just a matter of security, but a critical business strategy that can substantially minimise and contain the impact of a breach.
Developing a cyber incident response plan
A comprehensive cyber incident response plan helps ensure breaches are effectively managed, determining, in advance, a strategy for identifying, containing, assessing and managing the impact brought about by the incident from start to finish.