Have game plans in place to chase them down and kick them off the field. The most important thing is that you need to have people that can do these things. There are newer training courses geared for this from places like SANS.
What are some of the most active threats in the Asia Pacific region?
Although most threats span globally, I am aware that there's a tremendous amount of energy being spent to hack and commit fraud in online games. Much of this activity is coming from hackers in China. The attackers have even been bold enough to go after the gaming companies with the level of sophistication usually only seen with APT intrusions and targeted, large financial crimes. Speaking of APT, the Chinese state-sponsored APT groups are hacking into other AP countries: Singapore, Japan and Australia, to name a few.
In view of the increased waves of state-sponsored attacks as well as hacktivism, should security vendors work with government agencies to tackle local and global attackers? Are they the new arms dealers?
This is already happening. It's all via unofficial communications. Because the agencies tend to classify everything as classified by default, it makes information sharing very difficult. Additionally, government entities, intelligence agencies, and law enforcement agencies will look to the private sector for expertise and support when dealing with these adversaries. Sometimes, they'll contract out work, but that's very sensitive and not discussed in public.
How would BYOD impact businesses in the Asia Pacific region? What are BYOD's implications in terms of risk management, data protection, and data management?
As far as I'm aware, there's nothing unique to the AP region on this topic. I could be wrong though. I'd say there are two very large risks to BYOD in general. The first is that an employee could accidentally lose or leak sensitive information. The second is that organisations have little to no control or visibility into employee-owned devices. The lockdown mechanisms that can be enforced are pretty generic and not very relevant to modern-day hacking.
I have observed APT attackers get kicked out of a corporate network after months of investigation and planning for remediation, only to get re-compromised because the attacker had backdoors planted on employee-owned assets.
How can local businesses change their strategy to cope with the new threats?
My advice has always been the same for SMB. Computer systems used for business operations should be separate from systems used for email, web browsing, etc. They should be segmented into two networks that either have no connectivity between them or only the bare essentials needed to conduct business.