While governments around the world are beefing up their cybersecurity defense, an expert pointed out the inadequate investment in producing professionals to meet their goals. This is one of the highlights during Kaspersky’s 2nd Asia Pacific (APAC) Online Policy Forum held recently.
The “arms race” has shifted to technology and governments are fortifying their fences to dodge any possible attacks, whether state-sponsored or by a small group or by an individual. The Solarwinds attack best represents the damage a single cyberattack could do not only to companies but to the nations as well.
“Our analysts’ research-based data shows us the core of the problem — we’ve reached a point where defending cyberspace is crucial to a country’s economy and its population’s safety,” said Eugene Kaspersky, CEO at Kaspersky. “Attacks on critical infrastructure, e.g. healthcare institutions, power grids, water systems, etc. have crossed over from the fictional realm to the physical world. In order to build a safer world and boost our cybersecurity capabilities, from the current crisis and beyond, it’s time to embrace secure-by-design operating systems while at the same time enforcing high-level international cooperation.”
However, the lack of “enough” cybersecurity professionals is not aligned with some governments’ ambition to beefing up their cybersecurity defense.
“Globally we are not making enough cybersecurity professionals,” said Dr. Greg Austin, professor of Cyber Security, Strategy and Diplomacy at the University of New South Wales.
Dr. Austin pointed out the glaring discrepancy in cybersecurity strategies and skills gap noting that there is not enough investments in education to produce cybersecurity professionals.
“Most countries are not prepared to make investments in education for the cybersecurity ambitions they talk about,” Dr. Austin said. “Digital transformation and defense’s capacity building must include educational transformation.”
Citing the Australian government’s Cyber Security Strategy 2020 which is set to $26 million for education out of the total $1.67 billion budget allocated, Dr. Austin highlighted that to achieve this vision, the plan is laid out for 10 years, with the objective of “creating a more secure online world for Australians, their businesses, and the essential services upon which we all depend.”
Azleyna Ariffin, principal assistant director, National Cyber Security Agency (NACSA) of Malaysia echoed the need for experts and that it should be a part of a nation’s strategy.
“We also need to focus on developing skills and knowledge in cybersecurity so that it will be a more effective cooperation if we share the same level of skills and understanding with regards to threats and cybersecurity,” Ariffin said.
Ariffin underpinned the commitment of the Malaysian government to cybersecurity with an allocated budget of $434 million as included in the Malaysia Cybersecurity Strategy 2020-2024, which was announced in October last year.
Kaspersky also noted the shift of cybercriminals’ targets — from smartphones and personal devices to industrial control systems (ICS) and the Internet of Things (IoT), which makes it even more pressing for governments to look at their cybersecurity plans more holistically. He also shared the perspective of the private sector in addressing challenges in building cyber-resilient and cyber-secure digital transformation in APAC.
“Since the beginning of social confinement, we’ve been observing how the global cybersecurity landscape is being impacted by the pandemic. On one hand, people are at greater risk of cyber-intrusions due to their working remotely and spending more time online. On the other, there are more cybercriminals, and they’re getting more skilled and experienced. In 2020 we saw unique malicious file detection rise 20 to 25 percent a day. And today, our researchers are also closely monitoring more than 200 cybercrime gangs responsible for launching hyper-targeted attacks against banks, governments, or nations’ critical infrastructure,” said Kaspersky.
Nguyen Huy Dung, vice minister, Ministry of Information and Communications, Government of the Socialist Republic of Vietnam and Nur Achmadi Salmawan, director of National Critical Information Infrastructure, National Cyber and Crypto Agency (BSSN), Government of Indonesia, also participated in the forum.