Asia Pacific Online Policy Forum II – Guardians of Cyberspace: Can Justice Prevail?

Genie Sugene Gan, Head of Public Affairs, APAC

On March 2, 2021, Eugene Kaspersky hosted the Forum, which was a sequel to the successful inaugural APAC Online Policy Forum (“OPF”) in 2020, where we had discussed “Cyber-resilience in the ‘new normal’: risks and new approaches”. Having survived a year that was almost throughout plagued by COVID-19-related issues, we face 2021 with continually emerging issues in cyberspace. The world economy may have slowed due to the pandemic but the work to ensure a safer cyberspace has increased more than ever before.

With many countries within Asia-Pacific experiencing rapid digital transformation, cybercriminals have not slowed down. Several countries are rolling out national cybersecurity strategies in an effort to strengthen their countries’ cybersecurity and to manage the inherent risks of digital growth, but are we merely playing catch-up?

What goes into the policy formulation behind each strategy? How do we ensure our strategies remain relevant and stand the test of emerging cybersecurity issues? In the never-ending race against cyberthreats, can we ever come out ahead? And if so – how?

The Forum, which saw 1145 registrations – an excellent record attendance for an online event – delivered more than promised with quality content by a sterling panel of experts from government, industry and academia, featuring:

• Mr. Eugene Kaspersky, CEO, Kaspersky, as host;
• Mr. Nguyen Huy Dung, Vice Minister, Ministry of Information and Communications, Government of the Socialist Republic of Vietnam;
• Mr. Nur Achmadi Salmawan, Director of National Critical Information Infrastructure, National Cyber and Crypto Agency (BSSN), Government of Indonesia;
• Ms. Azleyna Ariffin, Principal Assistant Director, National Cyber Security Agency, Government of Malaysia (replacing Mr Shah who unfortunately was unable to join owing to some exigencies);
• Dr. Greg Austin, Professor of Cyber Security, Strategy and Diplomacy, University of New South Wales; and Senior Fellow for Cyber, Space and Future Conflict, International Institute for Strategic Studies; and
• Miss Genie Sugene Gan, Head of Public Affairs, APAC, Kaspersky, as moderator.

Key Discussions

Eugene Kaspersky opened the Forum with his keynote address where he dived deep into the latest cybersecurity threat landscape and trends amplified by the pandemic. Particularly, he noted the shift in cybercriminals’ targets – from smartphones and personal devices to industrial control systems (ICS) and the Internet of Things (IoT). He also shared the perspective of the private sector in addressing challenges in building cyber-resilient and cyber-secure digital transformation in Asia-Pacific.

Three key takeaways from our esteemed expert speakers were:

Mr. Nguyen Huy Dung shared how Vietnam has conducted active steps in securing its cyberspace, which include establishing a national cybersecurity law, standards, and blueprint across government and private organizations. “No one can cope with cyberthreats alone. No one can be safe alone,” Mr. Dung emphasized.

He highlighted the four-layer protection model in Vietnam, which involves an in-house team (first layer), 24/7 cybersecurity services by a professional provider (second layer), an independent security audit (third layer), and independent monitoring by the National Cybersecurity Center (NCSC) of the Authority of Information Security of the Ministry of Information and Communications (fourth layer).

Another successful project cited was the Review and remove malware nationwide in 2020 campaign by the National Cyber Security Centre (NCSC) of the Vietnam Authority of Information Security, which resulted in the number of Botnet IPs being nearly halved and over 1.2 million computers scanned, detecting more than 400,000 of those infected with malware. Kaspersky was among the private partners in this initiative conducted from September to December 2020.

Dr. Greg Austin underlined the crucial connection between cybersecurity capacity building and investment in education. “Globally we are not making enough cybersecurity professionals,” said Dr. Austin. He added that, “Most countries are not prepared to make investments in education for the cybersecurity ambitions they talk about. Digital transformation and defense’s capacity building must include educational transformation.”

He also noted that the Australian Cyber Security Strategy 2020 will invest 26 million dollars for education out of the total $1.67 billion budget allocated, over 10 years to achieve the vision of creating a more secure online world for Australians, their businesses and the essential services upon which we all depend.

As a suggestion, Dr. Austin noted that graduates from colleges and universities should be exposed to real-life simulations, exercises, and red teaming to increase their skills and knowledge about cybersecurity.

Ms. Azleyna Ariffin echoed the need for experts and that it should be a part of a nation’s strategy. Adding the exponential rise in technology use and the number of threats amid the still ongoing pandemic, she said, “We also need to focus on developing skills and knowledge in cybersecurity so that it will be more effective cooperation if we share the same level of skills and understanding with regard to threats and cybersecurity.”

This is among the key priorities of the Malaysia Cybersecurity Strategy 2020-2024, announced last October, with an allocated budget of $434 million and five pillars to improve the cybersecurity management and capability of the country.

Aside from formal education, Ms. Ariffin added the need to increase awareness for the mass public regarding the dangers lurking online. She noted that NACSA is partnering actively with the Ministry of Education and the Ministry of Communications and Multimedia in Malaysia to spread the message strategically.

Mr. Nur Achmadi Salmawan agreed and shared that BSSN also involves several government agencies, academia, and society to spread cybersecurity awareness among Indonesians. Focusing on protecting national interests and promoting national economic growth, he highlighted that BSSN launched last December its Draft National Cyber Security Strategy for the country. The strategy is aimed at combatting technical threats and even social threats in Indonesia.

“Social media becomes the weapon for organizations and individuals to manipulate information for their own interest. It is important to inform people how to use the internet correctly and safely,” Mr. Nur added.

Conclusion

Acknowledging the COVID-19 aftermath of increased reliance on technology in general and digital devices in particular, all the speakers agreed that regional collaboration, private and public high-level cooperation, and knowledge sharing are essential ingredients in building a country’s cybersecurity.

A full recording of the Forum can be viewed here: https://youtu.be/YWdtMFQK0hU.

We look forward to welcoming you at our next APAC Online Policy Forum; details to follow!