Small to medium enterprises lack awareness around why cybersecurity is essential to their businesses, according to Responsible Cyber CEO Magda Chelly.
Speaking to Which-50 during the Trend Micro CloudSec conference in Melbourne last week Chelly said, “They do not realise that — as per the statistics — most of the SMEs that have been through cyber attacks are out of business after three years. Why? Because they can’t recover.”
She said businesses should be building trust with their customers and if you lose that trust, you’ll lose business.
“I think that’s also the problem of thinking that cybersecurity is still something very technical, but it’s not, it’s people, process and technology. It’s all about a shared responsibility and that is a social responsibility as well.”
As the managing director of Singapore-based Responsible Cyber, Chelly provides companies with cybersecurity advisory and training, building a cyber security strategy and organising their teams to build the business cyber resilience.
She has worked with Fortune 500 companies and is now working with SMEs building a dedicated SaaS platform where business owners can get all-in-on assistance for understanding their cyber risks, implementing the adequate efficient controls, and monitoring cyber compromises.
She noted SMEs don’t consider privacy and security most of the time. The startups that she has worked with 80-90 per cent of them don’t consider security, no matter what industry they’re from.
“Why? Because it’s expensive, and they don’t hire [cybersecurity experts] from the beginning. They hire only developers and from my own experience, developers have very low maturity level cybersecurity, it’s not their fault.”
Chelly said the world is interconnected and everything digital is a part of an ecosystem so if one device or component of that ecosystem is vulnerable then the whole ecosystem is vulnerable.
Women in Cyber
Chelly also leads Women in Cyber, an organisation for women who work in cybersecurity. The group has 180 members based in Singapore but Chelly hopes to expand that membership overseas.
This group holds workshops on topics such as how to enter the workforce or where to start in cybersecurity. They also hold social nights where women are welcome to network and discuss some of the challenges they face.
She launched the organisation in 2016 after a meeting with fellow cybersecurity colleagues when she was the only woman in the room.
After that meeting she wanted to make a change to show that women in cybersecurity can make a difference. Chelly began calling herself a “cyber feminist” on her social channels and from there turned into the chapter it is today.
The group held its first Capture The Flag (CTF) events for women in July this year.
“I wanted to showcase the growth group of hackers in a room. And we had 25 amazing women hacking all day. I posted the pictures all over social media to show companies when you do a hackathon or CTF, try to make the extra effort and invite women because they are there and they’re capable.”
Chelly told Which-50 she is about to launch a scholarship giving women who are struggling financially the opportunity to complete their Offensive Security Certified Professional (OSCP) certification sponsored by Responsible Cyber.
This is aimed at women in undeveloped countries like Vietnam, Cambodia, Tunisia. “Countries where they cannot afford US$800 to pass certification. We’re going to do this every three to four months,” she said.
The certifications take three months which involve lab work and an exam. She said, “Change comes with actions, not only talk.”
Chelly judged a number of scholarships including the (ISC)² for cybersecurity programs and seen how many women have applied from countries where they cannot afford the US$800 for the various courses.
“If [the course] is not paid by the company, you might not have the money to pay it, especially if you’re just starting in your career or middle management.
“That experience plus the fact that how much it costs and the social economic situation of some of the countries where actually women have less opportunities. I think that makes sense for us to drive that initiative.”