Public sector has moved from an ‘if’ to a ‘when’ mentality about breaches
State-sponsored terrorism on the rise, not just due to increase in activity
WHEN most people think of the public sector, it is as a lumbering beast that is slow to change, dragged down by bureaucracy and red tape.
But when it comes to cutting-edge technology and cybersecurity knowledge, governments are not as clueless as you would think, according to the various security companies Digital News Asia (DNA) spoke to in Singapore.
“Over the past 18 months, our customers have come to acknowledge that they have been breached one way or another – there is no more denial,” says Jeffrey Neo, South-East Asia regional director with HP Enterprise Security Products at Hewlett-Packard (HP).
The public sector has shifted as much as the private sector has when it comes to cybersecurity, moving from the ‘if’ to the ‘when’ mentality about breaches and security, industry players say.
READ ALSO: CSM and EC-Council collaborate on Asean CISO workshop
Public vs private threats
While the cyberthreats plaguing the public sector might have some similarities with those targeting the private sector, the motivations behind threat actors can be vastly different, according to Fortinet network and security strategist Gavin Chow (pic).
“The motivation of cyberterrorists or activists is to create as much publicity as possible to spread their ideology or to stand up against governments, via cyber-attacks like Distributed Denial of Service (DDoS) attacks,” he says.
Charles Sterner, global head of innovation and advanced technologies at HP, concurs, pointing out that the attacks on the public sector in larger countries are still centred on the ideological, or are state-sponsored attacks.
However, in South-East Asia, the threat landscape has a slight variation from convention.
“What we were seeing in South-East Asia is a huge up ramp up of cybercrimes in the last few years, where it is not ideological but entirely financial,” Sterner says.
“These are soft targets as they are not spending the money on security,” he adds.
However, Palo Alto Networks chief security officer Rick Howard (pic) disagrees, saying that threat actors have overlapped their attacks, targeting both private and public sectors.
“We are seeing in the last five years a lot of overlap – espionage folks not just going after the government but after the commercial sector, grabbing large databases of information and doing correlations on the backend,” he says.
Another type of threat is the insider threat, where employees or contractors within an organisation might be disgruntled or sympathetic to a cause against said organisation.
“It has been an ongoing problem for many years – these people will have additional access and can bypass security mechanisms at the perimeter,” says Fortinet’s Chow.
“They can access sensitive information for their own personal gains or for ideological gains,” he adds.
The geopolitical situation can also that influence attacks on the public sector. Territorial disputes can trigger an increase of attacks by another state actor, according to Chow.
“More advanced states will have the capabilities to launch covert operations against smaller nations with less advanced capabilities, to gain a political edge,” he says.
HP’s Sterner (pic) agrees, pointing out that in Asia Pacific, there will be interesting developments going on with the tensions in the South China Sea.
However he argues that while state-sponsored attacks may be on a steady rise, attacks on the private sector is seeing growth by leaps and bounds.
“The wild growth is still taking place in the cybercrime side of the threat landscape,” he argues.
Howard agrees to a certain extent, saying Palo Alto Networks is also noticing more of these attacks.
“It’s a little bit of both – putting it into context, the first company to go public with a data breach was Google with the Aurora attacks in 2010,” he says.
“Before that, no commercial company would go public about a data breach. Now that more laws have been passed to make data breaches public, we are beginning to hear more and more about it,” he adds.
When talking about being at the forefront of anything, government agencies and the public sector are not often the first entities that come to mind.
This is a view shared by Palo Alto Network’s Howard, who believes that the public sector still lags the private sector.
“It’s only because they don’t have as much resources as the commercial sector, so by default they are a little behind,” he says.
However, HP’s Neo (pic) disagrees, arguing that the public sector does have a focus on technology and tightening security.
“If you look at the percentage of investments, government sectors have put a lot of focus into heightening security awareness and have put frameworks in place,” he says.
This focus will drive security investments by governments, he says, adding, “So I would not say governments are behind.”
Fortinet South-East Asia and Hong Kong market development director Alvin Rodrigues says that countries are now growing more aware of how security can affect other areas of policy, such as fiscal policy.
“Countries now feel that state attacks affect their international reputation [when it comes to] foreign direct investments (FDIs),” he says.
Singapore’s ‘advanced thinking’
All three companies – Fortinet, HP and Palo Alto Networks – identify Singapore as one of the more advanced countries in the region for its public sector cybersecurity.
“Singapore is way ahead out of the countries I’ve seen,” says Palo Alto Network’s Howard.
“The Cyber Security Agency (CSA) … has really put forth advanced thinking of how to protect this country,” he adds.
Larger countries often get mired in bureaucracy and have a disadvantage in moving quickly to secure themselves, according to Howard.
“The setting up of the CSA this year sends a clear message about the Singapore Government’s approach in setting security standards at the national level,” HP’s Neo says.
“This is a game changer, because if you set the standards and programmes to educate users and tighten security, it is a key step to putting in place a security policy that actually works,” he adds.
While other governments in the region might be moving slowly towards working together on the cybersecurity front, Fortinet’s Rodrigues (pic) believes that all are moving in the right direction.
“The short answer is that everyone has the same goals,” he says.
“The long answer is that everyone is moving at their own pace and capability towards a unified standard and platform,” he adds.
Singapore announces third cyber-security masterplan
Companies resist mandatory disclosure, cybersecurity suffers
Malaysia-Philippines cyber-war claims sites on both sides
APAC emergency response teams in drills with OIC, Euro counterparts
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.