IF I WANT TO SOLVE THE PROBLEM OF INFORMATION SECURITY , I MUST FIRST SOLVE THE ISSUE OF PEOPLE AND PRIVILEGES
INDUSTRY WATCH
IF I WANT TO SOLVE THE PROBLEM OF INFORMATION SECURITY , I MUST FIRST SOLVE THE ISSUE OF PEOPLE AND PRIVILEGES
Retail businesses are some of the most targeted by cyber-attacks . Heng Leong Hang , one of the oldest and best-known retail brands in Taiwan , is no exception . Faced with hundreds of employees in 70 stores across the country and a high staff turnover ratio , the threat of a breach and impact on customers , staff and business operations was significant . One of the weakest points was the staff ’ s susceptibility to phishing and identity theft .
“ My biggest difficulty is that people are the biggest variable ,” said Timo Lu , Head of Information Technology , Heng Leong Hang .
“ If I want to solve the problem of information security , I must first solve the issue of people and privileges – and that is all about identity security .”
Protecting identities is one of the most important facets of building a robust and effective cybersecurity strategy . The business had suffered several major cyber-attacks in the past and it wanted to do everything possible to prevent it from happening again . However , it was proving difficult to lock down personnel control and privilege identity management , in addition to patching and protecting vulnerabilities . Management did not have a clear view of the privileged accounts that were not effectively controlled and the corresponding password management that needed to be strengthened .
Another challenge lay in the company undergoing a major Digital Transformation . Alongside its traditional on-premises IT infrastructure , the company needed to consider its comprehensive information security framework which integrated various business services such as websites , e-commerce services and cloud platforms such as AWS cloud resource environments .
Timo Lu , Head of Information Technology , Heng Leong Hang
The core systems that Heng Leong Hang relies on include data collection and analysis platforms , sales and customer information and extends to important ERP systems . As well as strengthening the protection of the company ’ s overall systems and operations – protecting ERP and customer data was critical .
Heng Leong Hang conducted a detailed review of various solutions and decided to partner with CyberArk . “ Selecting CyberArk was a clear choice for Heng Leong Hang ,” said Lu .
“ Our big risk has always been phishing , and with the advent of generative AI we can only rely so much on cyber security training and protection mechanisms such as anti-spam and anti-phishing . Some phishing
www . intelligentcio . com INTELLIGENTCIO APAC 73