Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The evolving state of cybersecurity in Asia

Zafirah Salim | Aug. 11, 2014
In a roundtable discussion, Hugh Thompson and Brian Contos of Blue Coat discuss the current and future state of the security threat landscape, especially in the APAC region, and share some insight as to why they think the human factor is the biggest security challenge.

"According to findings from Blue Coat's research, most people use six devices interchangeably today between business and personal use. A few years ago, it was only two or three. It won't be surprising if the number increases to 10 or more in a few years down the road," he said.

In fact, Contos pointed out that Asia is one of the rapid adopters of mobile technology. He highlighted that such high penetration rate for mobile devices should mean increased mobile security. This includes the mobile device itself, the applications running on those devices, the cloud services they are connected to and more.

Contos also highlighted that Android devices are vulnerable and more prone to security attacks as compared to other mobile operating systems. He advised that we need to look at solutions that are transparent and easier for end users in the organisation to leverage.

"One of the best ways to accomplish that is by leveraging cloud technologies. Additionally, there needs to be an understanding of how users are operating within your environment, such as what's being used, uploaded or downloaded. We need to have a measuring or tracking system for this, or implement policies to control it," Hugh said.

"This does not mean that you will have hundreds of policies for those applications. Instead, these applications can be categorised and you can simply have policies across those," he added.

Secondly, Contos noted SCADA (supervisory control and data acquisition) as another security area to be concerned about. Essentially, SCADA manages Industrial Control Systems (ICS) and monitor for issues such as the heat set point in a boiler being exceeded because of a malfunctioning coil. Additionally, these SCADA systems can house proprietary information regarding system configuration - how long it takes to bake the pizza dough, where to weld the car door, how much light to expose a bacteria to, or what additives to inject into a polymer.

Contos lamented that people do not think about the security in their critical devices and such poor security infrastructure allows them to lose valuable proprietary information.

"These two areas very specific to Asia which I think need a lot of awareness and need to be addressed," he said.

Human factor a big security loophole

When discussing security challenges, Contos quoted an experiment that tests bank users' security awareness. Despite the fact that the common method of credit card authentication is providing the last four digits of the card number, the "bank" asked participants for its first four digits instead. Nevertheless, the participants were not suspicious and simply provided the numbers without a hint of doubt.

"This shows that there is no difference in trust, and that there is a definite gap in human knowledge. If they believe that the other person knows a nugget of information about you, they will believe that you know a lot more," said Contos.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.