Silver linings in the age of digital risk

LIVING in a futuristic city built on digital infrastructure used to seem possible only in movies or science fiction novels. While 3D printed skyscrapers are not possible...yet, other technological advancements - from self-driving cars to artificial intelligence to augmented and virtual reality tools - show that this connected city of the future is quite the reality today.

Asia Pacific and Japan (APJ), a region home to significantly diverse economies, is remarkably leading the charge in developing connected cities of the future - smart cities. Governments across the region are launching initiatives to push urban development, driving the region's expenditure on smart city technologies to US$28.3 billion in 2018 - a figure projected to surge to US$45.3 billion in just the next three years.

On top of national-level initiatives, organisations in APJ are the key drivers of digital transformation, with 60 per cent of the region's gross domestic product expected to come from digital products or services by 2021. But, with the digital transformations across the region, also come digital risks.

Bake in security from the very beginning

While advancements in digital technologies bring a brimming chest of opportunities, this evolution also expands the surface area of digital risks to the region. 2017 saw an unprecedented wave of cyber-attacks - from WannaCry to GitHub. Yet, cybersecurity measures are too often reactive responses, instead of cornerstones of a sound digital infrastructure. To put this into perspective, only one in three APJ organisations consider building out their cyber defences before embarking on their digital transformation journey.

Data is today's currency of power - and with great power comes great responsibility - in the form of ensuring data protection and cybersecurity.

In the journey to unlock digital opportunities, the region has unwittingly become a vulnerable hotbed of unsecured digital infrastructure and a prime target for cyber-attacks. Case in point: Asia is reported to be 80 per cent more likely to be targeted by hackers than other parts of the world, and with potential economic losses from cybersecurity breaches reaching a staggering US$1.7 trillion, APJ cannot afford to wait for another cyber-attack and must incorporate better security.

Governments are gearing up for the cybersecurity battleground

It's not all bad. There are many silver linings, beginning with the region's public sectors recognising the need to develop knowledge centres. Australia's national cybersecurity mega hub, Data61, promotes best practices and facilitates knowledge exchange between sectors and industries.

Striving to achieve stronger cybersecurity postures, APJ governments have ramped up their cybersecurity legislations. For example, Singapore's Cybersecurity Act provides a framework for the regulation of providers of Critical Information Infrastructure, and China's Cybersecurity Law is bringing the country in line with global best practices for cybersecurity - mitigating digital risks across the region's connected smart cities of the future.

Upping cyber defence in businesses' game plan

While legislations are being put in place, it is equally incumbent on private sectors to protect their own businesses from cyber threats.

Here's where the next notable silver lining comes in. Organisations in APJ are investing more heavily in cybersecurity defences and cyber insurance compared to their counterparts in the US and EMEA (Europe, the Middle East and Africa). This shows that organisations in the region are placing more emphasis on cybersecurity.

These investments not only strengthen cyber defence, they complement business growth. In short, security means business. Organisations must consider their business objectives in tandem with their digital risk, before planning the right governance and the right supporting processes. Doing so is paramount in enabling them to make intelligent, business-driven decisions in cybersecurity promptly, to prioritise appropriate mitigation efforts and cut losses.

Better together with cyber collaboration

As cyber-attacks continue to grow in sophistication, the public and private sector must stand together to strengthen cyber defences.

In this case, the silver lining is found in the opportunity of joint efforts. Alone, security teams were only discovering 64 per cent of breaches. Together, through collaborations with external parties, security teams were often able to detect more breaches.

In today's ever-evolving digital risk landscape, facing the world of unknown digital risks alone can be daunting. It always gets worse before it gets better. That is why it is imperative to create a trusted environment for robust collaboration between individuals, businesses and the government, to achieve cyber resilience.

RSA is committed to driving conversations and facilitating knowledge-exchange on cyber resilience and digital business risk. Closing the gap between the good guys and the bad will only become a reality with everyone working collectively towards a safer and prosperous cyberspace.

* More opinions and views