Updated: May 18, 2019
15th May 2019, was the day "RETHINK CIO" event was organized at Sheraton Hotel Ho Chi Minh city.
John Masud Parvez, CIO / GITD of Hoan My Medical Corporation, Founder & President of Vietnam Social Health Revolution, joined the information security panel discussion on this CIO Conference. On this occasion John highlighted the different recently incidents of information security about around Asia, also health sector. Then he also added, from those incident how he is learning and suggested other to learn to avoid such incident for Vietnamese corporations. These are the brief incidents he mentioned,
On 2018, Singtel's 10,000 access point was exposed to hackers. and Users were redirected to other websites to steal their personal information. On 2018 Singhealth got hacked and exposed 1.4 M Paint information including the Prime minister health record.
In few months of of time again on the first quarter of 2019, Singhealth again got hacked and exposed 14000+ HIV patient information got licked
On 2018, Toyota Motor corporation's Thailand, Vietnam, Australia subsidies got hacked and lost 3.1 Million client information.
Cebuana's 900,000 customer info were lost from CRM
In term of financial impact, NHS of UK had to pay 92 Milloin British Pound bill to resolve and fight back that issue of wanna cry issue.
He also mentioned on the discussion, those example are being used, mentioned for learning purpose only.
Currently around 270,000 - 300,000 new viruses are coming over the internet and present antivirus is unable to handle those newly released viruses. Then John also shared, how the information security should be created though a culture like a constantly knowledge improvement and also show each of the organization should shared the digital empowerment for their users. On this John mentioned this -
IT was something we used to empower ourselves. But that approach is outdated already. Now it's the era of DT means Digital Technology. By DT we empower others and then that power get back to with bigger and better results. By doing that we achieve much high level of effectiveness and efficiency as well for our organizations.
Then John also mentioned how the organization should handle the information security on this -
When we empower others it also expose us. So it's so much important that we shape that power, ensure outsiders cant get in to that empowerment process like a parasite to hurt us.
Then John also mentioned about the information security knowledge need to be built and also sustain inside the organization to minimize the impact or risk of security incident -
If you go gym one day, get back and look at yourself in to the mirror. You will see no difference. if you go to gym next 2 - 3 days and look at the mirror you still will not see any difference. But if you go the gym everyday next 6 months then you will see a notifiable difference inside you. The information security knowledge for the organization should be done exactly in to the same approach in consistent manner, as a part of the organization's culture building process.
To know more John, please visit here