RSA APAC 2016: Cybersecurity strategy needs overhaul

Increasing impact of cybercrimes and technology-driven changes in the business landscape as well as societies underscore the need for cybersecurity approaches to be reviewed and changed.

Businesses and governments will need to relook their approach to cybersecurity in order to cope with the current technology landscape, and this may mean changing their country's legislation and law enforcement capabilities.

Singapore, for instance, had been reassessing the way it addressed cybersecurity and identifying areas that needed to be tweaked, according to its Minister of Home Affairs and Minister for Law K Shanmugam.

He pointed to the country's National Cybercrime Action Plan, which aimed to coordinate local efforts in deterring, detecting, and disrupting such activities. Speaking at the RSA Conference Asia-Pacific 2016 this week, Shanmugam further underscored the need to focus on prevention as well as establish a speedy and strong response to cybercrime.

The local legal framework also must be able to facilitate efforts in this area, he said, adding that industry collaboration should be encouraged as the ability to combat cybercrimes would have to come from a shared responsibility.

Shanmugam said: "Cyberspace is changing the nature and complexion of crime all around the world. In the United Kingdom, the number of crimes committed through the internet has exceeded the crimes committed in the physical space.

"For us, in the last year, the number of crimes committed under the Computer Misuse and Cybersecurity Act has increased by 40 percent over the previous year," he said. Pointing to analyst estimates, he added that some US$2 trillion would be lost through cybercrime by 2019, four times more than the figure in 2015.

He said Singapore had been driving various initiatives in its efforts to beef up the country's cybersecurity readiness. These included increasing public awareness as well as enhancing the government's capabilities to address cybercriminal activities.

Laws also would need to be relooked and changed to keep pace with changes in the industry, where cybercriminals were able to strike with scale and speed to cause significant damage.

Shanmugam explained that crime, in the past, was often tied to geographies and territories where it could be dealt with locally. This was no longer true today, so Singapore legislation would need to be updated to remain relevant and, if necessary, redefine the nature of crime, he said.

"[It would need] to deal with the transnational nature of crimes and the new and evolving tactics of criminals," the minister said. "So what happens in the real world will have to be replicated in the virtual world and we have to develop the tools to make sure they are updated for that."

The skillsets of law enforcement officers also had to be upgraded to include digital forensics, intelligence, and crime prevention, along with the capabilities to analyse new hacking tactics used by cybercriminals, he said. The police, for instance, had developed new automation tools that would allow them to process large data volumes without manual involvement, hence slashing the time needed to gather digital evidence.

Shanmugam said: "Ultimately, our National Cybercrime Action Plan is a recognition of a change that cybercrime will bring about in our society and a fundamental relook at our approaches, our laws, our outreach efforts, the way we train and equip our police officers, and the way our agencies work with partners both within and outside of Singapore."

The call for change, in the way businesses and governments approached cybersecurity, appeared to be a common theme among other speakers at the conference.

During his keynote, RSA President Amit Yoran cited internal research that revealed more than 70 percent of organisations in Asia-Pacific and Japan acknowledged their systems had been compromised in the past year. A further 90 percent were not satisfied with their organisation's speed of detection of and response to cyberattacks.

To change these results, businesses would need to change their perspective and act differently, Yoran said. He noted that cybercriminals today already were creative and persistent in the way they orchestrated attacks, with the ability to morph their hacking methods in response to how organisations changed their defense mechanisms.

They might be using the same tools, but were successful in their attacks because they had been able to evolve their attack strategies, he said. Similarly, businesses must be willing to change their perspectives and approaches in order to establish a more effective cybersecurity strategy.

This, Yoran said, meant organisations would need to ensure their IT security strategy was aligned to their business priorities. They also would need to gain the right visibility and insights rapidly, add business context, and establish an efficient response to incidents.

He added that traditional endpoint security products and antivirus tools were flawed by conceptual design and ineffective.

Tenable Network Security's vice president of strategy, Matthew Alderman, noted that traditional endpoint security tools were no longer relevant as more businesses moved to the cloud. He said such industry trends were rendering existing approaches to security outdated and would impact the way security was deployed in the future.

Alderman also pointed to the increasing role of applications in the digital economy and business transformation as a driver of change in cybersecurity, as would growing interest in emerging technologies such as containers and microservices.

With the ability now for a single application to be modified multiple times in a single day, for instance, current security processes were not ready to support such change, he noted.

Stressing that it was time "for a new approach" and to transform how security was addressed, he said businesses needed to assess security as a set of capabilities working together to improve their defenses.