During the CyberSecurity Malaysia Awards, Conference & Exhibition (CSM-ACE 2018), CSA was given the opportunity to interview FireEye’s Senior Technical Director for the Asian region, Steve Ledzian, who was one of the invited panellists. His part of the forum session was titled, “National Cyber Security Strategy – A Coherent Approach towards Cyber Sovereignty”, where he stressed that for national security policies, there needs to be a greater focus among the nations in the region on resourcing their defences appropriately in terms of time, money, planning as well as manpower.
Steve admitted that it’s a very complicated problem and as organisations, governments and nations move to smart cities, our dependence on the digital infrastructure is accelerating very rapidly and the same digital infrastructure is fast becoming the foundation on which many things that our societies will rely on. When that foundation fails, he said, it will have very profound implications.
We have not seen that happen yet, however, he mentioned that we’re already starting to see the foreshadowing of that foundation failing, pointing to incidents such as the power plant hack in Ukraine in 2015 which caused massive power outages as well as the more recent NotPetya attacks which cost around a billion dollars of damage globally.
These attacks have also proven that state sponsored attacks and cyber espionage are definitely real, can cause damage in a lot of unintended ways, and the consequences of such attacks can be quite devastating. “For organisations looking at ways to defend against such state sponsored attacks, since they are done at the behest and sometimes through the funding or sponsoring of a government, in order to stand a chance to be able to withstand that type of attack, they’re going to have to put in significant resources,” Steve added.
Therefore, he mentioned that it has to be done with the help of governments, and nations have to come to an agreement on what actions are acceptable or unacceptable in cyberspace. There also needs to be some risks or repercussions for the attackers to try and deter some of that activity as well. At the moment, that isn’t the case and bad actors can pursue these types of activities without much consequence.
At the end of the day, he advises governments to take a serious look at the importance of this issue and honestly ask themselves whether the investments that they are making are adequate to protect their digital infrastructure.
As for businesses, Steve recommends that they have minimum standards to make sure they can adequately defend themselves from cyber attacks when their priorities may be more around creating revenues than cyber security issues. He said, “The return of investment of security isn’t usually immediately obvious. Because of that, often it’s not the highest rated priority. So governance has to come and give it a lift so that it does become a higher priority because as we’re becoming more interconnected, it’s becoming more and more important that we have to protect our data and the citizens that use and rely on data.”
From an ASEAN perspective, in Steve’s view the nations in the region have been taking steps to strengthen their national cyber defences. Malaysia’s national cyber security policy, for example, has been around for many years, defining the Critical National Information Infrastructure (CNII), which Malaysia considers to be important and poses the highest risk.
Singapore, meanwhile, has passed its national cyber security act, which also addressed the country’s critical infrastructure. He added that Thailand as well has embarked on setting for a national cyber security agency. “So I think the countries in the region are seeing that it’s important and that governance is just now starting. In the next year or two, I think we’ll see a lot more in this area.”
Similarly, Steve pointed out that one of the biggest challenges for these governments is to address the shortage of talent in cybersecurity – a problem that is facing a large number of enterprises as well. On that issue, he posed the following questions, “Even if you have a very large budget, even if you have the political capital to pull together a cybersecurity team, you may not be able to hire those people because they’re very hard to find, and they’re in very high demand. So the other thing that those national policies are trying to do is, how do we do capacity building? How do we build the expertise in our country so that we have the enough resources to fill the needs and demands from the private and public sectors?”
However, the thing about cyber threats is that it is never static. The cyber security landscape is continually evolving and governments cannot do it alone. The role of cybersecurity experts such as Steve and his team at FireEye is absolutely essential if they hope to stay ahead of the threats, not only in providing the necessary tools, but also devising strategies and approaches to combat cybercrime.
To that end, Steve explained, “FireEye is working very closely with governments in ASEAN as well as globally. We provide security technologies, we provide security consultancy and assessments, we provide cyber threat intelligence. We are the largest private sector cyber threat intelligence collection apparatus in the world, and we are also training governments. We also provide cyber security training. So, we are on multiple fronts of advancing the cyber capabilities of many governments in the region."