Gavin Struthers, President, Intel Security, Asia Pacific
Following Gavin Struthers recent appointment as the President for Intel Security Asia Pacific in April this year, this email interview highlights his insights on the state of enterprise security in the region. A veteran in the technology sector, Struthers has worked with the company for more than 12 years holding various leadership roles.
Delving deep in the topic of enterprise security, Struthers also talked about how CIOs, or IT managers, can work on developing an effective security strategy in the workplace. This includes understanding the role of employees in protecting corporate data, and the importance of transitioning to a lifecycle defense security approach.
Can you briefly describe the enterprise security landscape in Asia, particularly in Singapore? Do you see any major threat trends impacting organisations within the region?
We currently see a strong demand in the regional security business. Facing a complex threat landscape, more companies and organisations now understand the urgency of deploying more effective security solutions. This counts especially for the most targeted industry sectors such as banking, telecommunication and healthcare.
Some of the major trends that I see are information systems becoming more sophisticated, cyber attacks shifting to advanced threat actions that intent to breach through the security firewalls of IT networks and steal sensitive corporate data.
Mobile, Internet of Things (IoT), and Point of Sale (POS) systems also present new attack surfaces for cybercriminals. The profitability of stealing personal data, intellectual property, and operational business intelligence is already drawing more criminals into the cyber space and has led to a professionalisation of cybercrime, where we see developments as hacking-as-a-service side by side with espionage tactics executed by nation-state actors.
What do you think are some unique security challenges and/or opportunities faced by businesses in Asia?
For some time, Asia wasn't the focus of global attacks. But with the growing success of economies and local companies in tandem with the implementation of modern communications infrastructure, this region has seen an increased level of cyber crime activities, reaching from simple malware attacks and ransomware to more sophisticated cyber espionage.
Another challenge yet to come is the further reach of the IoT. Throughout various industries, businesses speed up to increasingly make use of connected devices and applications. With every additional device used, the surface for potential attacks grows. As such, unless security controls are built-in to their architectures from the very beginning, the rush to deploy IoT devices at scale will outpace the priorities of security and privacy.
Like you've mentioned, the mobility trend is steadily growing in Asia - and this trend is now pervading the workplace as well. How would you advise IT managers to implement the BYOD (Bring Your Own Device) policy without compromising on security?
Sign up for CIO Asia eNewsletters.