cyber resilience

(Photo by Roslan RAHMAN / AFP)

Why is the Asia Pacific struggling with cyber resilience?

Cyber resilience is the ability for an organization to prepare for, respond to, and recover from cyber-attacks. While most organizations only looked at either one of these in the past, the evolution of threats and the rampant increase of cyber attacks are now making them relook their entire cyber security framework.

As such, in 2020, Kaspersky developed a Cyber Capacity Building Progam which is designed to help companies, government, organizations, and academia to develop practical tools and knowledge for security assessments. The program allowed not only allows organizations to identify cybersecurity risks but also discover how they can manage and mitigate them.

In the Asia Pacific, cyber resilience is slowly becoming the framework companies are looking at. However, when it comes to cyber capacity building, education, and awareness, how can businesses and even governments in APAC ensure the goals are met?

Speakers at the Kaspersky APAC Online Policy Forum discussed how a nation’s cyber-resilience abilities are often limited by the know-how of its human resources and the quality of cross-border collaboration between the region’s private and public organizations.

“In the Cyber Age, as we experience an accelerated digital transformation, we’re facing security challenges that put a strain on cybersecurity resources. Investing in cyber talent and promoting security awareness and digital education for users are the keys to success in building cyber-resilient digital societies and economies,” said Chris Connell, Managing Director for the Asia Pacific at Kaspersky.

(Photo by Roslan Rahman / AFP)

Reducing the skills gap

There is no denying that APAC is facing a huge shortage of skilled workers.

In the tech industry, a shortage of skilled security professionals is one of the many reasons why companies have also not fully invested in cyber resilience.

For Craig Jones, Cybercrime Director at Interpol, there have been numerous studies and research over the years that highlight a big global cybersecurity skills gap, particularly in APAC.

As countries accelerated their digitalization efforts and embraced emerging technologies, many did not consider the implications that can arise from the shortage of a skilled cybersecurity workforce.

“One of the key challenges that Interpol identified are the gaps in law enforcement cyber capabilities and capacity, nationally, regionally, and globally. Whilst these remain criminal networks can expand their infrastructure and activities.

Building cyber resilience requires strategy

To overcome this challenge, law enforcement must be a trusted partner beyond national borders and sectors. Being collaborative, inclusive, and open will help us reduce the gaps, bridging the divides in capabilities and capacity,” explained Jones.

Echoing Jones was Professor Li Yuxiao, Vice President of the Chinese Academy of Cyberspace Studies. Li specified that cyber capacity building in APAC should “focus on network infrastructure, be alert to the challenges brought by cyber security, and strengthen the development of personnel training system” as the region continues to harness the power of Industry 4.0.

For Professor Seungjoo Kim, a member of South Korea’s Presidential Committee on the 4th Industrial Revolution, as the importance of cybersecurity spreads across all areas, security experts are forced to have more in-depth domain knowledge than ever before. He added that it’s time for everyone to think about a more effective workforce development program to train security experts specialized in each industrial sector.

To ensure cyber resilience is achieved, more organizations are now looking to build on their security teams. This includes ensuring educational training for all employees as well as increasing their headcount for skilled cybersecurity professionals.

Tech giants have also started ensuring more is done to solve the problem. Some of the big tech companies are already working with universities and organizations to reduce the skills gap. Kaspersky themselves have expanded its SafeBoard internship program in APAC, whereby local candidates can from a variety of technical and non-technical positions and be exposed to the growing industry of cybersecurity.