Over the past decade, the volume, frequency, and severity of cybersecurity incidents have escalated. Since the first documented mega-breach in 2013, there has been a steady increase of cybersecurity incidents resulting in significant losses of data and funds.
While not every account breached has had financial information compromised, the global cost of cybercrime remains staggering: conservative financial estimates tip the scale at $1 trillion USD annually – but studies suggest that costs could exceed $10 trillion by 2025.
With the frequency and severity of these attacks on the rise, many nations have experienced a noticeable impact on their gross domestic product (GDP). To combat the impact of this disruption, governments are introducing new laws and regulations addressing cybersecurity concerns. While the nuances of these laws may vary, most require organisations to notify affected users and relevant authorities should a breach occur. However, the definition of an incident requiring notification varies between countries. For example, in some jurisdictions, breaches resulting in financial losses to publicly listed companies may need to be reported to the relevant stock market, unauthorised access to user or customer information may be subject to a different reporting regime.
For global organisations, this means employing a reporting system for cybersecurity incidents built to meet specific jurisdictional obligations for each region of operation. A Critical Event Management (CEM) platform with a powerful multi-channel communication system can help ensure compliance with complex rules across various regions – keeping all relevant parties easily and rapidly informed of an incident in accordance with local laws and other obligations.
This whitepaper is designed to help you improve your cybersecurity efforts through assessing a different incident notification regime applicable to several regions across the Asia-Pacific region.