PROFILE: Job in cybersecurity leads to discovering espionage groups

Many cybersecurity specialists have made it their mission to not only spot the threats but also to ensure that customers are well-positioned to dodge the attacks. Halim Santoso, System Engineering (SE) director for the ASEAN region at Symantec, is one of those people.

Symantec was founded in 1982 with a focus on providing software services until it evolved to become one of the known brands in cybersecurity.

Santoso holds a Bachelor degree in Engineering, majoring in Communications from the Royal Melbourne Institute of Technology. He has always shown interest in network domains. He started his career with one of the pioneer security solution distributors, Quantiq International when security was still at its infancy stage in Asia.

But it was at Symantec that he developed a different level of curiosity in cybersecurity. It may not be his intended path post-graduation but he has since become valuable to both the company and customers and he has no intention to cease learning as the threat landscape is constantly changing.

Since joining Symantec, he has held multiple roles that have contributed to his wide spectrum of cybersecurity experience today, ranging from security consulting, residency services, pre and post sales across various regions in the Asia-Pacific. Prior to his current role, Santoso led the specialist business development team for the Asia South region.

“Today, I apply my knowledge, experience, and skillsets across a wide range of cybersecurity domains to help customers better understand how the current threat landscape applies to their respective environments,” Santoso tells Back End News in this exclusive feature. “My role is to empower and enable them to understand how Symantec’s solutions and services can help them manage and significantly reduce their cybersecurity risks.”

Santoso invests the majority of his time with customers to not only better understand and strategize solutions for their complex IT challenges within their business environment, but more importantly, to evaluate and recommend the best route to grow the line of business for the Asean region.

While still not on high priority in organizations, cybersecurity is getting noticed thanks to the increasing number of reported data breaches among the established organizations. This is what keeps Santoso extremely busy these days.

“The dynamic and evolving nature of cybersecurity means that our clients are constantly susceptible to new threats,” he says. “This means we have to continually update our products and solutions to better serve our customers. There is always a new threat or attack taking place globally.”

He relates how his team of security researchers found out about new espionage groups such as Earworm, which targets military operations in Central and Eastern Asia. These espionage groups continue to develop new technologies and tools to compromise their targets. Part of his role is to be aware of such developments so that they can prepare countermeasures, advise customers, and raise awareness of Symantec’s security technologies to combat against these threats.

Amid these challenges of constantly monitoring threats to keep attacks to customers at bay, Santoso says that customer satisfaction more than makes up for the sleepless nights.

“With the increasing need for data integrity in this age of rampant information disarray, it is very fulfilling to be an agent that helps to secure and protect our customers from potential damages caused by data theft,” he says.

He remembers how he successfully helped a customer achieve his key performance indicators as a result of their “excellent partnership.” The customer was recognized within his organization and was eventually promoted to CISO. The trust they built toward each other lives up to this day.


While he now leads a team of security consultants across the Asean region to drive technical advice and solution strategies for customers, Santoso went through an intense training as a cybersecurity practitioner that required him to find a new malware embedded within an organization 12 years ago.

“I need to locate the source of the infection and identify the malware from the source machine to investigate the malware’s behavior,” he says. “It was very challenging because back then, there weren’t as many methodologies and tools available to perform such complicated tasks.”

Santoso believes that a cybersecurity personnel must possess an intuitive and inquisitive mind because “threats are evolving at a rapid pace and one needs to be able to think outside of the norm and consider all options available in an objective manner in order to determine the best approach to resolve or minimize the risk of a breach.”

“A security partner should be as resolute yet flexible in protecting an organization against threats and data loss,” he says. “They should also be able to look into potential scenarios and create future-proof protection for the organization.”

Cybersecurity talent

“As for the talent pool, cybersecurity is a very diverse domain spanning anything from cryptography to risk and compliance,” he explains. “This means that finding the talent specific to the needs of the organization can be very difficult.”

The high level of awareness is now punctuated with cybersecurity being included in the educational curriculum by institutes of higher learning, according to Santoso. “Previously, it was only made available by specific certification bodies such as ISACA and ISC2.”

He also says that individuals who are looking at this field must not cease to “explore, learn and ask questions. Boost your knowledge and obtain the right certifications. It’s never too late to learn as cybersecurity is constantly evolving.”

Categories: Uncategorized

Tagged as: , , ,