70% of Hong Kong companies saw cyberattacks this year, privacy watchdog survey finds
Hong Kong Free Press
Almost seven out of 10 Hong Kong companies experienced cyberattacks in the past year, the city’s privacy watchdog has found after a survey revealed that firms’ cybersecurity readiness still stood at “basic” levels.
The index, which evaluates companies’ policy and risk assessment, technology control, process control, and human awareness building, increased by 5.8 points from last year to 52.8 on a hundred-point scale, placing the city’s enterprises at the “basic” level.
Companies struggled the most in the human awareness category, as a study commissioned by the Privacy Commissioner for Personal Data (PCPD) found that just over a third of the 442 companies surveyed had provided cybersecurity awareness training for employees, while just under a quarter had conducted cybersecurity awareness drills.
“The lack of awareness among employees could potentially become one of the biggest vulnerabilities in an enterprise’s cyber security,” said Alex Chan, general manager of digital transformation at the Hong Kong Productivity Council, which conducted the survey.
Companies needed to conduct regular exercises such as phishing tests and security drills to monitor and address weaknesses, he added.
Cyberattacks, AI tools
Small and medium enterprises (SMEs) scored 48.4 points on the index, up 4.8 from last year, while corporates reached an all time high at 73.1 points, up 10.6 from last year, according to the watchdog’s Thursday statement.
However, the survey also found that nearly 70 per cent of the surveyed enterprises had experienced at least one type of cyberattack in the past 12 months, a slight decrease of four percentage points from last year. A majority of corporates, at 71 per cent, had experienced cyberattacks.
The financial services sector performed the best out of all the six surveyed fields, with a rating of 68.3 on the readiness index.
The business sectors covered retail and tourism; manufacturing, trading, and logistics; NGOs, schools, and others; financial services, professional services, and information and communications technology.
The privacy commission touted artificial intelligence as a “double-edged sword” to combat cyberattacks. “Hackers use AI tools… how can companies use them to ramp up their cybersecurity regimes?” Chan said at a press conference on Thursday.
Banks, for instance, were looking into using an AI tool capable of identifying soundwaves to identify bogus calls, he said.
About a fifth of the companies surveyed currently used AI tools in their operations, with a higher adoption rate of 43 per cent among corporations, the survey found.
Of the companies that had adopted AI, two-thirds had implemented at least one data security measure.
Companies and government departments have seen a string of cyberattacks in past months.
In May, the Fire Services Department reported a potential data leak, the third similar incident involving a government department in less than a week, following the Electrical and Mechanical Services Department and the Companies Registry.
The city’s Consumer Council and tech park Cyberport also fell victim to hackers last year., while Oxfam saw a potential data breach this July.
The government has proposed a cybersecurity law meant to enhance safeguards for critical infrastructure. It is expected to cover cyber systems of sectors including energy, information technology, banking and financial services, land transport, air transport, maritime, communications and broadcasting, and healthcare services.
Under the proposed legislation, computer system operators behind critical infrastructure could be fined up to HK$5 million for lapses in cybersecurity.
Support HKFP | Policies & Ethics | Error/typo? | Contact Us | Newsletter | Transparency & Annual Report | Apps
Help safeguard press freedom & keep HKFP free for all readers by supporting our team
.wp-block-newspack-blocks-homepage-articles article .entry-title {
font-size: 1.2em;
}
.wp-block-newspack-blocks-homepage-articles .entry-meta {
display: flex;
flex-wrap: wrap;
align-items: center;
margin-top: 0.5em;
}
.wp-block-newspack-blocks-homepage-articles article .entry-meta {
font-size: 0.8em;
}
.wp-block-newspack-blocks-homepage-articles article .avatar {
height: 25px;
width: 25px;
}
.wp-block-newspack-blocks-homepage-articles .post-thumbnail{
margin: 0;
margin-bottom: 0.25em;
}
.wp-block-newspack-blocks-homepage-articles .post-thumbnail img {
height: auto;
width: 100%;
}
.wp-block-newspack-blocks-homepage-articles .post-thumbnail figcaption {
margin-bottom: 0.5em;
}
.wp-block-newspack-blocks-homepage-articles p {
margin: 0.5em 0;
}
HKFP has an impartial stance, transparent funding, and balanced coverage guided by an Ethics Code and Corrections Policy.
Support press freedom & help us surpass 1,000 monthly Patrons: 100% independent, governed by an ethics code & not-for-profit.