The recently concluded Asia Pacific Online Policy Forum II hosted by cybersecurity company Kaspersky saw a host of the region’s most prominent experts and policy makers across Asia meeting virtually to share thoughts, ideas and solutions based on the overarching topic of “Guardians of the Cyberspace: can justice always prevail?”
Hosted and opened by the founder and CEO of Kaspersky, Eugene Kaspersky himself, the Asia Pacific Online Policy Forum II programme saw over 1,000 participants across the region including C-level officers, government officials and the press. The following notables also took point in the discussion:
- Mr. Nguyen Huy Dung, Vice Minister, Ministry of Information and Communications, Government of the Socialist Republic of Vietnam;
- Mr. Nur Achmadi Salmawan, Director of National Critical Information Infrastructure, National Cyber and Crypto Agency (BSSN), Government of Indonesia;
- Ms. Azleyna Ariffin, Principal Assistant Director, National Cyber Security Agency, Government of Malaysia; and
- Dr. Greg Austin, Professor of Cyber Security, Strategy and Diplomacy, University of New South Wales; and Senior Fellow for Cyber, Space and Future Conflict, International Institute for Strategic Studies
In the opening keynotes, Eugene shared more on the latest cybersecurity threat landscape and trends brought about by the pandemic along with a noted shift of targets by cybercriminals from smartphones and personal gear to industrial control systems (ICS) and hardware connected to the Internet of Things (IoT).
Eugene also shared more about how the private sector is tackling these challenges on the road to digital transformation.
“Since the beginning of social confinement, we’ve been observing how the global cybersecurity landscape is being impacted by the pandemic. On one hand, people are at greater risk of cyber-intrusions due to their working remotely and spending more time online. On the other, there are more cybercriminals, and they’re getting more skilled and experienced. In 2020 we saw unique malicious file detection rise 20 to 25 percent a day. And today, our researchers are also closely monitoring more than 200 cybercrime gangs responsible for launching hyper-targeted attacks against banks, governments, or nations’ critical infrastructure,” reveals Kaspersky.
Four-layer of protection
Mr. Nguyen Huy Dung, Vice Minister of Vietnam’s Ministry of Information and Communications (MIC) shared how the country has conducted active steps to secure its cyberspace, which include establishing national cybersecurity law, standards, and blueprint across government and private organisations.
“No one can cope with cyberthreats alone. No one can be safe alone,” Mr. Dung emphasised.
He highlighted the four-layer of protection model in Vietnam which involves an in-house team (first layer), 24/7 cybersecurity services by a professional provider (second layer), an independent security audit (3rd layer), and an independent monitoring by the National Cybersecurity Center (NCSC) of Authority of Information Security, Ministry of Information and Communications (4th layer).
Another successful project cited is the “Review and remove malware nationwide in 2020” campaign by the National Cyber Security Centre (NCSC) of the Vietnam Authority of Information Security which resulted to the number of Botnet IPs nearly halved and over 1.2 million computers scanned, detecting more than 400,000 of those infected with malware. Kaspersky is among the private partners in this initiative conducted from September to December 2020.
Education and cybersecurity
Dr. Greg Austin, Professor of Cyber Security, Strategy and Diplomacy at University of New South Wales, underlined the crucial connection between cybersecurity capacity building and investments in education.
“Globally we are not making enough cybersecurity professionals,” said Dr. Austin. He added that, “Most countries are not prepared to make investments on education for the cybersecurity ambitions they talk about. Digital transformation and defense’s capacity building must include educational transformation.”
He also noted that The Australian Cyber Security Strategy 2020 will invest 26 million for education out of the total $1.67 billion budget allocated, for over 10 years to achieve the vision of creating a more secure online world for Australians, their businesses and the essential services upon which we all depend.
As a suggestion, Dr. Austin noted that graduates from colleges and universities should be exposed to real-life simulations, exercises, and red teaming to increase their skills and knowledge about cybersecurity.
Ms. Azleyna Ariffin Principal Assistant Director, National Cyber Security Agency (NACSA) of Malaysia echoed the need for experts and that it should be a part of a nation’s strategy.
Adding the exponential rise in technology use and the number of threats amidst the still on-going pandemic, she said, “We also need to focus on developing skills and knowledge in cybersecurity so that it will be a more effective cooperation if we share the same level of skills and understanding with regards to threats and cybersecurity.”
This is among the key priorities of Malaysia Cybersecurity Strategy 2020-2024, announced last October, with allocated budget of $434 million and five pillars to improve the cybersecurity management and capability of the country.
Asia Pacific Online Policy Forum II –Social awareness, shared responsibility
Aside from formal education, Ms. Ariffin added the need to increase awareness for the mass public regarding the dangers lurking online. She noted that NACSA is partnering actively with the Ministry of Education and the Ministry of Communications and Multimedia in Malaysia to spread the message strategically.
Mr. Nur Achmadi Salmawan, Director of National Critical Information Infrastructure, National Cyber and Crypto Agency (BSSN) agreed and shared that BSSN also involves several government agencies, the academia, and the society to spread cybersecurity awareness among Indonesians.
Focusing on protecting national interest and promoting national economic growth, he highlighted that BSSN has launched last December the Draft National Cyber Security Strategy for the country. The strategy is aimed to combat technical threats and even social threats in Indonesia.
“Social media becomes the weapon for organisations and individuals to manipulate information for their own interest. It is important to inform people how to use the internet correctly and safely,” Mr. Nur added.
Acknowledging the COVID-19 aftermath of increased reliance in technology and devices, all of the speakers with Kaspersky agreed that regional collaboration, private and public high-level cooperation, and knowledge sharing are essential ingredients in building a country’s cybersecurity.
Kaspersky adds: “Our analysts’ research-based data shows us the core of the problem – we’ve reached a point where defending cyberspace is crucial to a country’s economy and its population’s safety. Attacks on critical infrastructure, e.g. healthcare institutions, power grids, water systems, etc. have crossed over from the fictional realm to the physical world. In order to build a safer world and boost our cybersecurity capabilities, from the current crisis and beyond, it’s time to embrace secure-by-design operating systems while at the same time enforcing high-level international cooperation.”