Self-interest rather than regulation is the future of cybersecurity, according to a new report from ACCA (the Association of Chartered Certified Accountants).
Technology is evolving at a very high a rate, and due to this any legislation would be out of date before it is signed in to law.
Data breach can do tremendous damage to a company's reputation making customers and potential customers to think very carefully about their involvement with a company if they have had a data breach.
It is thus imperative for companies to safeguard digital intellectual property and business information and use technology architectures to prevent breach and protect against abuse.
"To stay ahead of cyber threats, business would have to develop capabilities to detect vulnerabilities and identify emerging threats," said Nina Tan, managing director of Business Intelligence and Analytics and vice-chairman of the ACCA Singapore Network Panel. "Because of the nature of cybersecurity, we believe that authorities and governments would be best placed using their resources to raise awareness among businesses, and to put resources in to creating mechanisms to catch perpetrators."
Today, data is being used in many ways, and this may help criminals to use this information to commit fraud.
"A basic rule of thumb is that if there is value in the data to a criminal then there is value in protecting it and because data is digital it can be replicated over and over again, potentially before the businesses are even aware," said Jason Piper, ACCA head of business law.
Authorities struggle to choose the best way to regulate data and wonder if it is better to prescribe hard law or soft law.
The survey notes insurance as a growing area in the field of cybersecurity but says it is an extremely complex job for underwriters to value data and set suitable premiums.
Finally, employees are a seen as a major threat to a company's cybersecurity and it is likely that in every data breach an employee will be involved whether directly or indirectly and whether knowingly or unwittingly.
"Employee involvement in data breaches demonstrates the need for increased knowledge and awareness amongst all in the company. Everyone has a role to play in the protection of data," concludes Piper.
Sign up for CIO Asia eNewsletters.