Microsoft wants to unite APAC governments with cybersecurity council

US software vendor pulls together 15 policy makers from seven Asia-Pacific markets, including Indonesia, Singapore, and South Korea, to form a cybersecurity executive council that it hopes will exchange threat intelligence and resources in a "timely and open manner".
Written by Eileen Yu, Senior Contributing Editor

Microsoft has galvanised policy makers across seven Asia-Pacific markets, including Singapore and Indonesia, in a bid to facilitate the sharing of threat intelligence and resources amongst their respective public sector. The US software vendor says "collective" efforts across the region are critical in combating cybersecurity threats, which are inevitable in an increasingly interconnected world.

It noted that Asia-Pacific saw malware and ransomware attacks at higher frequencies, clocking 1.6 and 1.7 times higher, respectively. than the global average. Citing numbers from its 2019 threat report, Microsoft said developing markets such as Indonesia, India, and Sri Lanka were most vulnerable to such threats that year. 

It added that cybercrime not only resulted in financial losses and brought down operations, but also posed risks to national security and eroded trust in digital economies. 

Stressing the need to band together to more effectively combat cybercrime, Microsoft said Monday it launched the Asia-Pacific Public Sector Cyber Security Executive Council to unify policy makers from government and state agencies. The goal here was to establish communications between these organisations and facilitate the sharing of best practices. This, it hoped, would drive the exchange of threat intelligence and technology in a "timely and open manner", and better position the region in its response to cyber attacks. 

It said 15 policy makers from Singapore, Indonesia, South Korea, Malaysia, Thailand, Brunei, and the Philippines had joined the council, which would be supported by Microsoft's cybersecurity experts. The vendor said members would meet virtually every quarter to establish a "continuous" sharing of information on cyber threats and cybersecurity products.

Three of the council's founding members are from Malaysia, Korea, and Thailand. Microsoft, however, did not say which government agencies or nations the remaining policy makers were from. It said only that members included "government leaders, policymakers, regulators, and industry stakeholders".

Asked for more details, a spokesperson told ZDNet these roles included deputy chief executives, commissioners, and secretarial generals, but would not offer further information on the government agencies. She added that the council's focus spanned all segments within the public sector, including healthcare, transport, energy, finance, and education.

And while there had been several recent attacks targeting OT (operational technology) systems, such as the US Colonial Pipeline, she said the group would look to support members' response to threats across their ecosystem. This would likely encompass efforts to increase awareness around areas such as the BadAlloc vulnerability, as well as facilitate discussions on critical issues including CIIs (critical information infrastructures) and zero trust security.  

On how the council planned to work with other regional efforts such as the Asean Ministerial Conference on Cybersecurity, the Microsoft spokesperson would only say that no single organisation had all the answers. "The intent of the council is to provide a platform, working with cybersecurity stakeholders and the ecosystem to partner and collaborate--from government agencies, industry leaders and practitioners, to policy makers, regulators, and the business community," she said.

According to Microsoft, council members would be part of a forum that comprised the vendor's "ecosystem of cybersecurity industry advisors". This would give them access to its security certification training, workshops, and hands-on lab sessions. The aim here was to enhance digital and cybersecurity skills in the participating nations, Microsoft said. 

It noted that with most technology infrastructure owned and operated by private companies, it was critical that governments formed coalitions with technology companies to drive cyberdefense strategies and safeguard the region against attackers.

Yun Chang Hee, principle researcher of National Information Society Agency Korea's AI and future strategy centre, said: "The collective intelligence amongst the Asia-Pacific nations is paramount to jointly share best practices and strategies that will enable us to resolve cybersecurity challenges at a faster pace, and a more proactive manner. 

"With similar threat landscapes, this partnership will ensure that we are steps ahead of the perpetrators, establishing higher standards for the cybersecurity ecosystem," Yun said.

National Cybersecurity Agency Thailand's group captain and acting Deputy Secretary General, Amorn Chomchoey, added: "The cybersecurity executive council is an instrumental platform for collaboration between our nations. The stronger relationships we will forge via this council will enable us to anticipate threats as early as possible, prevent them before the effects of cybercrime evolves into another 'pandemic' for the cyberworld."


Editorial standards