Among the checks, companies need to be more proactive about protecting client and corporate information. "This isn't easy, and requires a layer of defences," he said.
Internet security planning starts, at the ground-level, with staff training and awareness, he said. "This is also about having processes and policies in place."
He added that corporate systems and networks need to be maintained, updated and patched, as and when needed. "Audit the internal and external systems that are in use," he said.
Moreover, it's important to routinely monitor the status of network for abnormal behaviour. "It's about backing everything up. Make sure logs are properly maintained, and be ready for incident response, if (and when) something happens."
Hyppönen, also Chief Research Officer at F-Secure, the Finnish antivirus company, said there are few alternatives to open information access, including email, the sharing of corporate data, or anywhere, anytime communications spanning billions of connections worldwide.
Moreover, there is nothing private about social media channels, or peer-to-peer communication. Malware is also more pervasive, including on Android phones.
Consumers need to be mindful about what they install, including third-party apps. "What looks like a game may compromise a personal device, and leave other connections vulnerable to attack," he said.
Sign up for CIO Asia eNewsletters.