SLID organizes timely webinar on cyber security for Board members

The Innovation and Technology Committee of The Sri Lanka Institute of Directors (SLID) organized a timely webinar titled “Cybersecurity: What Company Boards Should Know” for its members recently to enhance their knowledge on cybersecurity, a threat that is targeting businesses in an increasingly online world. Nuwan Perera – Chairman of the SLID Committee for Innovation and Technology introduced the keynote speaker Madu Ratnayake – Chairman & Co-Founder of Scybers, a global cybersecurity consulting & managed services company, Board member of SLCert, formerly at Virtusa, Independent Director of HNB, and former Chairman of SLASSCOM as a top professional with deep expertise in digital transformation, cybersecurity and building high performing global teams in high tech and financial services companies.

In his keynote, Madu Ratnayake said that digital adoption is accelerating due to COVID and that there is a significant number of digital services in the market since most companies are taking their companies digital which are accessed by more and more people. “If one looks at the threat landscape in the data breach space, there is a significant increase in cyberattacks. It is not unique to a few companies it is happening across the board in various forms. Cybercriminals are getting more advanced using tools such as AI to carry out their attacks, and hacking has become an industry or business by itself with companies providing various attack services including Ransomware-as-a-Service with increasing rewards. Add to this a severe shortage of skills in cybersecurity and technology estimated at 1.8 m vacancies, it’s a perfect storm into which you are launching in a paper boat. It is in this context that you as a Board member and business leader should look at this situation and make sure you navigate the storm and safeguard your business with what is available”.

He said “It takes on average 287 days to identify and contain a data breach with almost 90% of the attacks happening due to lapses in basic cyber hygiene and companies become victims of “keeping their backdoor open” by not patching their infrastructure, fixing vulnerabilities etc. In relation to targeted attacks, which can be organized crime or nation-state, nothing much can be done to defend. In such a situation, your strategy should be to limit the impact. A data breach or attack will occur at some point in time”.