You are here
Cyber arms race looms as digital connectivity takes hold
AS DIGITAL connectivity ramps up worldwide, an arms race awaits in cyberspace, industry experts have said.
Cyber security providers told The Business Times that tapping emerging technologies such as machine learning, as well as sharing information within and without the industry, is key to beefing up their products.
These methods could be crucial in Singapore and throughout the region as companies and governments accelerate their digitalisation.
As SAP chief security officer Justin Somaini noted: "Because of the connections that organisations now have, businesses need to consider the security of their entire ecosystem of customers, third-party vendors, Internet of Things (IoT) technologies, and other assets as part of their process management strategy."
Leonard Cheong, managing director of AdNovum Singapore, said: "Cyber security, in particular, is a key area of growth as Asean cyber security spending is expected to show double-digit growth up to 2025."
He said clients are keen on areas such as security, identity and access management and digital payments. AdNovum operates in Asia and has both global and Asian clients from Singapore, which is its regional headquarters
Matthew Bennett, vice-president and Asia-Pacific and Japan managing director for solutions provider Carbon Black, said: "The adoption of cloud and mobility have destroyed the perimeter for corporations. Boundaries and walls no longer exist, making it much harder to protect digital assets."
But Michael Sentonas, vice-president of technology strategy at CrowdStrike, stressed that Internet separation may not be the answer. Speaking on the sidelines of the RSA Conference Asia Pacific & Japan industry meeting, Mr Sentonas said: "It'll be very challenging to be a smart city, smart nation, when there is restricted access in some areas."
"Importantly, the cloud also provides significant security benefits. There are many, many tools - CrowdStrike is one of them - that are built to leverage the benefit of using cloud to create a better security outcome."
This is because cloud computing allows companies to better share databases and processing, whether internally or with one another.
Co-operation has also helped to keep the industry up to date on threats, as shown in the tie-up between Cisco and IBM Security last year. Firms feed the information into their libraries, with the software constantly learning and adapting.
"I do see an opportunity for greater information sharing between the public and private sector, specifically in the area of tactics, techniques and procedures - independent actions or behaviours that occur during a cyber attack," said Mr Bennett.
Cyber security startups that specifically tap artificial intelligence netted US$2.1 billion in funding between 2012 and mid-2017, venture capital tracker CB Insights said last year.
Meanwhile, the Cisco 2018 Security Capabilities Benchmark Study, which polled 3,600 cyber security professions from 26 countries, found that 77 per cent of respondents rely on machine learning, while 73 per cent depend on artificial intelligence (AI).
Industry players approached by BT emphasised that they are investing in machine learning and AI, which could even allow products to predict unprecedented attacks and threats.
IBM Watson is, by now, a household name for thinking machines. "Over the last couple of years, we have taken a strong approach towards Watson for cyber security," said Vinay Anand, IBM Security's vice-president for global offering management and strategy, who cited its "huge amount of processing and intelligence".
"Now, if I'm sitting in the network, if I'm an analyst and I see an incident coming in . . . Watson takes over and does this 360-degree research on that particular attribute . . . and instantaneously it comes back to the analyst and gives the entire view."
"We think that machine learning is fast becoming a must-have feature instead of a nice-to-have," said Stephan Schweizer, chief product officer of AdNovum's Nevis. "Using this technology, cyber security professionals can now automate menial tasks and monitor the system 24/7 around the clock, freeing up their time for more business-critical functions."
But it is not all about the rise of the machines. Emmanuel Jacque, a regional principal consultant for fraud and security intelligence at analytics firm SAS, noted: "Most organisations have the misconception that the successful use of advanced analytics requires a specific team of experienced data scientists. However, the key is to simply equip a wide range of employees with data monitoring tools."
SAP's Mr Somaini said security teams must be meticulous in the use of technology too: "Machine learning and other automated tools create opportunities for humans and technology to work side by side. . .
"Machine learning algorithms can be trained to learn behavioural network patterns of what is 'normal' and what a potentially harmful anomaly looks like, to alert humans who can respond immediately - before anything has been compromised."
Allan Leinwand, chief technology officer of cloud enterprise firm ServiceNow, remarked that one challenge is compatibility across the variety of off the shelf business software.
"It's a complicated landscape, so if I'm an enterprise, I have to do antivirus, I have to do mobile device management security, I've got to do a firewall, spam filters - all this stuff," he said. "So, how do I take a look at that entire breadth of technologies and really understand how secure I am?"
To make matters worse, sophisticated tools are increasingly available to more than just state-linked actors, like the unspecified backer of the recent attack on SingHealth.
"What's been interesting in the last 12 to 18 months is, a lot of attack techniques that were once the domain of nation-state actors are now finding their way to be used by other groups," said Mr Sentonas, referring to cyber criminals and political "hacktivists".
The US National Security Agency's arsenal of hacking tools has reportedly suffered raids, with its own weapons deployed by other parties.
"As we build automation, they build automation," said Mr Sentonas, describing bad actors. "But we need to obviously change the way that we use our technology, to find better ways of exposing the techniques that they are using."
Jean-Claude Broido, IBM Security's vice-president for the Asia-Pacific, said: "Once you access the Internet, it doesn't really matter where you are... The more you go to the cloud, you're going to, if not increase your risk, certainly incur different kinds of risk.
"And so you've got to keep moving, working on it, and adapting to the environment."