Macau’s private and public sectors don’t do enough to ensure that the information stored in their servers is protected from hacking and other security breaches, Gilbert Chan Tong Seng, executive director of Macau New Technologies Incubator Centre (Manetic), said Thursday.
Chan issued the warning while revealing the findings of the 5th Macau Information Security Survey, conducted by Manetic.
He said at a press conference that after surveying the two sectors between July 14 and September 17, Manetic found that measures taken by the government on security management are sub-par compared to those taken by private companies, as 41 percent of public sector entities said they had “fully” or “mostly implemented” access control and communication protection measures, while another 41 percent said they had only “partially implemented” such measures. In the private sector, 47 percent said they had “fully” or “mostly implemented” access control and communication protections measures.
Moreover, 35 percent of the two sectors’ respondents said they did not regularly update their Web servers, making them vulnerable to Internet attacks – a four percent rise compared to last year, but still three percent lower than the 2012 figure.
In terms of disaster recovery planning, Chan said 31 percent of the respondents said they had “fully” or “mostly implemented” the plans, while 40 percent said they had been “partially implemented”.
Chan said the survey’s findings showed that about 70 percent of respondents do not have the information technology expertise they need to set security management policies.
He blamed this on the fact that there are not enough professionals who specialise in information security and protection in Macau.
“Many sectors in Macau are experiencing labour shortages… it takes a long time to train personnel related to the field of data protection,” said Chan, noting that many professionals in the field opt to work for casino companies. “If companies are willing to hire them and pay higher salaries, it would benefit them in terms of protecting information and data.”
Chan said the reasons for hackers to attack data systems may vary from personal gain to political considerations, adding that so far this year Manetic has tackled over 60 cases where servers were attacked
He urged companies to regularly check and update their systems’ servers, saying that hackers usually go for the easiest targets.(macaunews/macauhub)