Horangi sees greater focus on security in the region by ‘both attackers and defenders’
By Dzof Azmi June 5, 2019
- Shortage of cyber-security experts is “acute” in Asia.
- Crucial to first focus on getting the right talent
"I'M NOT an expert in the Asian market," confessed Steve Surdu (pic, right), newly appointed as senior advisor to Horangi Cyber Security based in Singapore. "However, over the last few years I have seen a greater focus on cyber-security in this area - both by attacker and defenders."
Surdu was tapped by Horangi after spending seven years at Mandiant, including as vice president of Professional Services, and expanding his attention from the US and Europe towards the Middle East and Asia. (Mandiant rose to prominence in 2013 after publishing a report detailing Chinese government-sponsored cyber-espionage.)
Surdu splits his time between advising Horangi and other firms that call on his expertise, and with that comes the perspective that Asia provides great opportunity for all, good and bad alike. "Asia is the area of the world that companies around the world either depend upon today or are interested in gaining market share," explained Surdu.
"(But) cyber-crime follows the money and threat actors know that it is hard to secure assets in high growth situations where change is constant," he added, citing the massive SWIFT theft at Bangladesh Bank in 2016 as one example.
The focus on talent
The demand in Southeast Asia for a good cyber-security talent is not a new one and it continues to be critical, as countries in the region encourage the private sector to embrace industry 4.0. For example, the recent Robert Walters Salary Survey for 2019 identifies "Cyber-security specialist" as one of the four "Top Roles in Demand" for Singapore.
“The challenge within Asia is that there are relatively few cyber-security professionals," agreed Surdu. "There's a great limitation around the world, but it is especially acute in Asia."
Another factor driving the demand in cyber-security expertise identified in the survey is the number of prominent cyber-security news items seen by Singaporeans in 2018, including the largest ever breach in Singapore's history when records of 1.5 million patients to SingHealth's specialist outpatient clinics were exposed in a breach, including that of Prime Minister Lee Hsien Loong.
The growing awareness has driven home the need for cyber-security, and Surdu admitted that he is peppered by questions from local organisations.
"I have found that the individuals I have met (in Asia) are looking for guidance on where they should start: Do I need a cyber-security strategy? Are some vulnerability assessment activities more appropriate than others? Are outsourced solutions secure?"
Regardless of the policy or technology to be implemented, Surdu stressed that it's crucial to first focus on getting the right talent driving your cyber-security plan. “In security, generally the successful implementation of product depends very significantly on the human component."