Ng Teck Siong, underwriter, Cyber and Technology, Beazley: regular training helps ensure all employees understand the policies for hosting virtual meetings securely. Credit: Beazley
ASIA - Virtual meetings pose many challenges and more importantly, dangers, that need to be addressed. A cyber incident that is badly managed can damage a company's reputation and future income should they lose clients. This is especially so for an industry that is service orientated. With more events and meetings moving towards virtual spaces, cyber risk management will be increasingly at the forefront of organisers' minds.
Accepting digital services from a provider that has weak security and privacy protection measures is something that is often overlooked amid the disruptions cause by the current pandemic. M&C Asia spoke to Beazley underwriter, Cyber and Technology, Mr Ng Teck Siong, on such matters.
He said: "This could endanger the privacy of participants and risks enabling unauthorised access by cyber criminals who actively spear-phish for sensitive data, including personally identifiable information (PII) or network access credentials. Virtual meeting protocols and systems need to be watertight to prevent uninvited individuals accessing calls."
In order to mitigate such risks, selecting a secure service provider with a good track record is the first step. Organisers should always safeguard their meetings with end-to-end encryption and use one-time passcodes (OTP) and multi-factor authentication (MFA) to protect the privacy of its users and information.
Mr Ng added: "Regular education and training is important to ensure all employees understand the policies for hosting virtual meetings securely to mitigate potential risks. This is particularly important when employees are working from home and using programs that may be new to them.
"Our advice to clients is to always conduct baseline cyber-hygiene checks on potential providers and to work with trusted insurance and cyber security specialists."
He said that MICE professionals should consider cyber insurance not just as a means of financial risk transfer, but also the risk management services they can access to help protect themselves against breaches and to respond to a cyber incident should one occur.
"Breach management services can help work with external stakeholders including regulators, IT security specialists and customers in the event of a breach.
"To further ramp up security measures of virtual meetings, organisers should be aware of and adhere to relevant data protection rules across various jurisdictions, especially if the meeting seeks to host global attendees. In addition, secure online payment and registration processes must be in place."