SINGAPORE--Asian telcos do not place enough emphasis on IT security, and their weakness lies in their ownership of numerous customer records, which can be exploited by cybercriminals.
According to Wong Loke Yeow, Asia-Pacific and Japan, marketing director of HP's enterprise security, telcos are an "interesting" sector as they prioritize generating revenue and keeping their subscribers from jumping to their competitors, and end up overlooking IT security.
This is a "cause for concern" because the number of cyberattacks are growing in the region and telcos are not focusing enough on protecting customer data, he said at a press briefing here Wednesday.
As cybercriminals have become more sophisticated, such records can "easily" be leaked out through various cyberattack methods, including hacking the network, data centers or database of telcos, or conducting, he warned.
Wong's claims follow a recent spate of hackings on telcos in the region. In July, South Korean telco KT Corporation revealed that the. In June, China Telecom's backend system was .
With the proliferation of hacktivists whose, coupled by , IT security should be a chief concern by telcos, he warned.
For instance, if a telco increases the cost of subscription, hacktivists may strike back with aor expose their customer records, two common cyberattacks which have been perpetrated on many organizations worldwide, Wong said.
Furthermore, many data protection and privacy laws are starting to spring up in many countries in Asia, and telcos should comply with them to protect the privacy of individuals, he pointed out.
In contrast, the public sector and financial industry are the top two most "security aware" sectors in the Asia-Pacific region, he observed.
This is because they are the most targeted by cybercriminals due to the high level of transactions and large amount of sensitive data, he explained. These two industries are also the earliest adopters of technology to enhance their businesses, and so are able to understand the loopholes that pave way for cybercriminals and react quickly to attacks, he added.
Enterprises need to be more proactive over security
Wong's view comes in light of a study by Coleman Parkes Research, commissioned by HP released Wednesday, which found organizations in Asia-Pacific and Japan are becoming more proactive in their security approach.
80 percent of senior business and technology executives surveyed said their organizations' had a C-level executive in charge when it came to security, while 82 percent indicated they were exploring security information and event management (SIEM) measures.
Still, more focus is placed on. Less than half of respondents, at 48 percent have an information risk-management strategy in place, while 48 percent manually consolidate information risk-management reports or do not measure risk at all, which hinders their ability to proactively anticipate threats.
The survey comprised 550 phone interviews among senior business and technology executives within large enterprises of more than 1,000 employees and mid-market companies with between 500 to 1,000 employees in July 2012. Asia-Pacific countries surveyed include Australia, China, India, Japan and South Korea