Organisations’ reluctance to share information makes things worse
Need to be as structured in responding to security incidents as they are to disasters
The biggest cybersecurity challenge in South-East Asia is not in acquiring technology, but educating and acquiring people with the right skills, according to Edward Lim, RSA South-East Asia managing director.
RSA customers are facing a challenge in finding and employing people with the appropriate skills to analyse and deal with attacks and threats to enterprises, he told Digital Asia Network (DNA) on the sidelines of the RSA Conference Asia Pacific & Japan (RSAC APJ) 2015 going on in Singapore this week.
This, against a backdrop of increasingly sophisticated threat actors and the increasing need for cybersecurity, is creating an “interesting dynamic” in the South-East Asian market where enterprises’ security “expenditure has increased with little reduction in disruption,” Lim remarked.
Enterprises are pouring money into their security measures, but such spending is usually focused on the latest ‘hip’ thing security companies tout and not necessarily on what enterprises may actually need, he argued.
“A lot of customers are rushing to act because of the pressure to act, from regulatory requirements or security incidents,” Lim said.
“[Their security spending] depends on what marketing message the vendor community throws at them … if they say you need more malware detection capabilities, you spend more money on it,” he added.
Lim said he hopes to see more “enlightened” enterprises which look beyond the latest marketing hype.
“Only more enlightened customers will go beyond malware detection capability and say, ‘Yes, I need malware detection but I also need visibility and I also need authentication’,” he said.
“They also know that half the time they get into trouble because they don’t know how to respond,” he added.
Lim said that enterprises should approach security the same way they approach disaster recovery: With structured responses and capabilities, and not by reacting wildly when faced with an attack.
Culture of secrecy
The culture of secrecy in Asia is also working against enterprises. While threat actors are willing to share their exploits within their ecosystem, it’s the opposite with enterprises.
“Threat actors share information, customers don’t,” Lim said.
“From the customer point of view, we don’t share information on who attacked us or what tools they used. We are too shy to let people know we have been breached.
“We only hear about breaches in those countries where there are regulatory requirements to announce them,” he added.
Lim argued there should be a community effort to share information on attacks.
“Threat actors are lazy people, they always go after the lowest hanging fruit … so the faster you share information, the faster they have to evolve – making it more challenging for them,” he added.
While there are some avenues for sharing information – like the Financial Services Information Sharing and Analysis Centre (FS-ISAC) – convincing businesses to share information still remains a challenge.
Navigating a maturing market
RSA has been in South-East Asia for over a decade, but the security space here is now getting increasingly crowded with new companies.
However, Lim was confident that RSA would be able to evolve and remain relevant.
“RSA, since its acquisition by EMC Corp, has evolved quite a bit – we are now more focused on identity and access management, and governance,” he said.
“The reason for that is because half of the breaches are not a result of malware but of compromised identity. We are focusing on that to enable organisations to know that whoever is accessing the system is who they say they are, basically,” he added.
The move towards identity management is also being driven by the great number of threats out there, beyond what human analysis alone can handle.
Lim said RSA is being guided by the need to change mind-sets towards security, as well as to provide a broad spectrum of solutions for customers.
“Enterprise customers understand that they cannot look at things in silos – in other words, a better way is to understand their entire risk posture,” he said.
Securing the region
Lim also believes that RSA has a social responsibility to help develop the market.
“The biggest problem is not technology … the challenge is that there are not enough people who know how to analyse and respond to threats,” he said.
RSA has been reaching out to tertiary institutions to help build cybersecurity into their curricula. For example, it is working with Singapore’s Temasek Polytechnic, where the latter’s students also get to spend six months in an RSA production security operations centre.
The company also participates in skill transfer programmes like the Singapore Economic Development Board’s Strat.
“They hire a handful of people – we send them to the United States for training and we attach them to our production security operations centre, then they will come back and be available for the industry,” Lim said.
“We suspect once this is known, other Asean countries will be asking us to do the same,” he added.