While ASEAN is increasingly coordinating its efforts to reinforce regional cybersecurity, more needs to be done to address the constantly evolving threats.
According to a recent World Economic Forum (WEF) report, one of the biggest concerns in regards to the current COVID-19 crisis is the increase in cyberattacks and data fraud. The pandemic has accelerated the adoption of a digital culture worldwide. This means that cyberattacks and data fraud are likely to happen on a more regular basis.
Although the health crisis has raised alarms among experts and businesses about cybercrimes, these issues are nothing new.
In a 2019 Global Risks Report by the WEF, data fraud/theft and cyberattacks were the fourth and fifth biggest threats facing the world according to the nearly 1,000 decision-makers surveyed in the report. It is clear that stakeholders in the public and private sector as well as academia and civil society should intensify efforts to contain potential fallouts.
In recent years, with increased sophistication and volume, hackers’ attacks and their successful security breaches are causing more damage than ever before.
Mark Thomas, Vice-President of Cybersecurity at Dimension Data, told The ASEAN Post that organisations in ASEAN member states are accelerating their security transformation by forging strategic relationships with select partners to build security roadmaps and architectures as well as optimising their infrastructure.
“(ASEAN) governments have issued various guidelines mandating the private and public sector to upgrade their security infrastructure in order to combat the evolving threat landscape,” said Thomas.
“Mature organisations are ramping up their capabilities by investing in threat intelligence platforms as they look to collect, curate, and share threat intelligence with industry peers and information sharing bodies. For others, we’re seeing increased buy-in and collaboration from clients who are looking to exchange experiences and insights via roundtables, security forums, and panel discussions,” he added.
Noting that crypto jacking, web-based attacks – which have doubled year-on-year – and credential theft are among the biggest cybersecurity threats facing ASEAN, ensuring that executives understand how cybersecurity and data protection can deliver – or, if ignored, potentially erode – tangible business value is just as important for Thomas.
Much like their global and Asia Pacific counterparts, boardrooms in ASEAN member states are now increasingly prioritising cybersecurity and are more aware of the threat landscape, compliance, risks and technology innovations. This in turn helps them to identify their focus areas, priorities and investment decisions.
However, ASEAN is still not spending enough on cybersecurity.
Thomas pointed out that to ensure a sustained commitment to cybersecurity and to effectively address the investment gap, ASEAN member states need to spend between 0.35 and 0.61 percent of their gross domestic products (GDPs) – or US$171 billion collectively – on cybersecurity in the period spanning 2017 to 2025 – a small price to pay considering what is at stake.
“As the COVID-19 crisis accelerates dependency on technologically-enabled economic processes, it is also exacerbating those cyber-risks,” stated the WEF.
A report by the United Kingdom (UK) National Cyber Security Centre (NCSC) and the United States (US) Department of Homeland Security identified several ways that cybercriminals are exploiting the current pandemic. For example, the demand for information on COVID-19, accompanied by fear and anxiety has created opportunities for cyber criminals to deliver malware (malicious software such as viruses), ransomware (a type of malware that threatens to publish the victim's data unless a ransom is paid) and phishing scams (fraudulent attempts to obtain sensitive information).
According to the WEF, the increase in work-from-home (WFH) arrangements has also expanded the use of potentially vulnerable services, such as virtual private networks (VPNs) that lack adequate safeguards, amplifying the threat to individuals and organisations.
Although technology has provided convenience and usefulness amid the pandemic, with people and businesses depending on it now more than ever – digitalisation doesn’t come without challenges.