CK Fow, the associate director of security services provider LGMS, said organisations cannot just focus on backend security.

“Organisations tend to invest and focus more on backend security, such as servers, firewalls and intrusion prevention systems.

“They may forget the most important part, which is the front end security, such as end-user computers,” he said.

“Cybersecurity is made up of many layers. So make sure you secure both your front and back ends,” said Fow, who has done extensive research on the SingHealth cybercrime incident.

The cyber attack last month saw the non-medical records of the 1.5 million individuals – including their names and other personal particulars – illegally accessed and copied.

About 160,000 people, including Prime Minister Lee Hsien Loong, also had their medical records taken away.

Fow said organisations today should be aware that attacks usually came from within and that human weakness was still the biggest root cause of cybercrime incidents.

He stressed on the need to be constantly aware and wary of such cyberattacks.

“The first and last line of defence happens to be human, hence it is very important for everyone in an organisation to spot potential cyber attacks,” he said.

On some of the best practices and what companies should watch out for in the future, Fow said they must always look out for something that is too good to be true.

“There is no free lunch in the world. Always look out for something that is too good to be true, beware of attachments and links, even if they are being sent by a trusted source.

“Verify the source before opening or keying in any sensitive information.

“Also, keep your systems updated. Constantly perform Windows updates, software patches and anti-virus updates.

“These can just be as simple as a few clicks, yet they can effectively prevent cyber attacks,” he added.

State-actors likely behind Singapore cyberattack, experts say