Unpacking cybersecurity in APAC with Fortinet

• Tech Wire Asia recently interviewed Peerapong Jongvibool, vice president of Fortinet Southeast Asia and Hong Kong, discussing the cybersecurity landscape in APAC and the way forward.
• Fortinet achieved its target of training one million people three years ahead of timeline, so it has set a new target of training an additional one million people by 2026 to close the cybersecurity skills gap.

Over the last few years, the Asia Pacific has grown to be a hotbed for cyberattacks. Based on a quarterly threat intelligence report by Fortinet that paints a picture of global trends in the cybersecurity sector, it shows that attacks, including viruses, botnets, and exploits in the APAC region are charging ahead more than anywhere else in the world.

Fortinet Southeast Asia and Hong Kong vice president Peerapong Jongvibool (Pete) said that 26% of all globally tracked exploits attempts are targeted toward the APAC region. “APAC remains at the top ranking with 39% of the overall virus activity as the highest region for this quarter,” he told Tech Wire Asia in an interview recently.  

As for botnets, 28% of all globally tracked exploit attempts were also targeted toward the APAC region. “As we have seen throughout the last year, Mirai continues to be the most active Botnet campaign in most APAC countries,” Pete said. From the whole of APAC, Malaysia experienced an average of 84 million cyber attacks daily during the fourth quarter of last year–one attack every four minutes.

Data from FortiGuard Labs shows that the cyber threats in Malaysia registered 61.1 million virus detections, 50.2 million botnet attacks, and 7.5 billion exploit detections throughout the final quarter of last year. By comparison, cyber threats on a global scale in the same period recorded around 600 billion attacks per day, according to Pete.

Pete also highlighted that APAC remains important in the radar of threat actions because of the region’s prominent manufacturing sector. “The sector has played a pivotal role in Asia’s economy, especially over the last few years; the manufacturing sector is rapidly digitizing. Essentially, the more we adopt technologies, the more prominent we are to attacks, it is inevitable,” Pete emphasized.

Fortinet aims to train a million more cyber experts

Pete noted that, unfortunately, the lack of in-house, on-demand cybersecurity skills is still a crucial barrier to raising advanced cyber defense infrastructure in key APAC markets. He reckons the challenge is not technology but people and, precisely, the lack of experts. With over 80% of breaches being attributed to a lack of cyber skills, according to a global 2022 Fortinet report, the cybersecurity skills gap continues to be a top-of-mind concern for organizations, Pete said.

“In 2021, Fortinet pledged to train a million people by 2026 and we achieved that goal by 2022. “We have decided to train another one million by 2026,” he shared. The upside that Fortinet is noticing is how cyber experts are quick to catch up with attackers who are constantly evolving to use new techniques. 

“No doubt, the world will need more cyber experts no matter how many we train. The good thing is that as threat actors evolve, our cyber experts are as fast, too, so we have to keep this momentum going,” he told Tech Wire Asia.

Geopolitics will remain prevalent, and better regulations are necessary

Pete believes geopolitics will continue to play a significant role in cyberattacks. To put it simply, state-sponsored attacks are on the rise, and tensions over Taiwan, the South China Sea, and Ukraine mean such incidents are likely to increase. “These days, the attacks are more state-sponsored and an increasing number of hackers are targeting cryptocurrency firms,” Pete shared.

He noted that APAC is certainly not spared from those trends. “Attackers are more dedicated, more weaponized, and more advanced with artificial intelligence (AI) today,” he added. To top it off, a lack of better regulation is also a pressing issue facing APAC nations. “I think law and regulations are also not catching up. That has to change, but we are noticing a trend in the right direction with countries actively discussing cybersecurity-related policies and regulations,” Pete said. 

“Some countries have very mature laws, and their enforcement is better simply because of their international connectivity. I think countries need to learn what is best for them and what is the driver behind a more stringent regulation.” 

---

---

---

---