How has the network security landscape evolved in the APAC region?

• By 2029, it is anticipated that the network security industry would reach US$53.11 billion
• The adoption of zero trust networks and the cloud are perhaps the two biggest developments in terms of security

In this digital age, having access to information is becoming more and more crucial. However, as businesses have access to more valuable information, threats to network security, hacks, data breaches, and cyberattacks are on the rise.

Hence, it’s crucial for businesses to have strong network security to act as a gatekeeper and prevent unauthorized access, computer modification, misuse, and other activities. By having employees who are familiar with the foundations of internet security, the organization will be able to maintain a secure and reliable working environment.

Report shows that the market for network security is expected to grow to US$53.11 billion by 2029 as a result of expanding startup activity and rising internet usage.

While there is a rising awareness to secure networks effectively, network architecture is complex and the internet’s threat landscape is always changing.

In light of this, Tech Wire Asia managed to catch up with Carlos Gomez, Chief Technology Officer for Asia Pacific & Japan, Aruba, a Hewlett Packard Enterprise company, about the state of network security in the region and how the emergence of next-generation connectivity has compelled businesses to modernize their network.

APAC’s network security landscape 

Gomez asserts that network security has evolved globally, not just in APJ. He agrees with the common assumption that awareness of security has increased over the past few years among people. Additionally, he believes that customers in the APJ region have really begun to embrace zero trust network access.

“Different customers are at various stages of their journeys; some are just starting off, while others are a little bit more advanced. We’ve also seen, in my opinion, a greater uptake of cloud computing and cloud security measures, when in the past there was some uncertainty about whether the cloud would be somewhat insecure or whether people would want to keep everything on their own network,” he explained.

Modernizing traditional network architecture 

“It’s always time to modernize because the world is moving very quickly; and our customers competitors are moving very quickly. If you don’t continue to innovate and continue to progress, then your competitors are going to leapfrog you,” according to Gomez.

He also mentioned how small, medium, and large organizations worldwide are undergoing digital transformations. For instance, customers that had already modernized a significant portion of their network and were utilizing remote access and Voice over IP had a relatively smooth transition when all of their workers began working from home.

On the other hand, customers that put off upgrading because they had outdated network architecture, solutions, and VPN technology struggled greatly at the beginning of the epidemic since their network and cybersecurity were not sufficiently modernized.

“Innovate or die. Yes, I know it’s very harsh,” said Gomez. “We see this every day in this very competitive world and there are a lot of startup companies that are looking to disrupt established companies. It’s important to understand when you’re a young startup company, you get the opportunity to use the latest technology first.”

However, he asserted that it is slower and more difficult to modernize when a company has been around for a while since they have a lot of legacy infrastructures. As a result, they must get started sooner because it will take more time to modernize.

The role of VPNs

There is a demand for privacy and security. However, there are new tools and methods that can achieve that and offer advantages over a VPN. For many years, Aruba has used this technology, which they call remote access points. They now refer to it as their Microbranch solution.

“Rather than a VPN where you connect back into headquarters, and then try and access information, our approach is to extend the corporate network out to the person’s home or the person’s location,” Gomez explained.

That has various security advantages. First of all, the end user connects their laptop or mobile device in exactly the same way whether they are at home, in the office, a branch office, or any other location. Therefore, the Wi-Fi network has very strong authentication.

The password used to connect to most people’s home Wi-Fi is not very secure. Even when people are connecting to corporate over a VPN, the Wi-Fi connection is unsafe. Additionally, because a VPN only establishes one secure tunnel from the endpoint to the VPN server, the network administrator with a VPN has less visibility into what is occurring in the wireless domain and on the device itself.

“With our approach, you’re applying all of the security and visibility as close to the user as the Wi-Fi access point. So, we can make more intelligent, more secure decisions there and determine which bits of traffic we want to send back to corporate,” Gomez added.

​

Next-gen connectivity 

Security standards continue to advance with every technological advancement, whether it be on the cellular or Wi-Fi side. On the Wi-Fi side, Wi-Fi 6, and WPA3, an improvement over WPA2 from the previous generation, were both introduced.

“With each new generation of technology, not only do performance and speed improve, but so do the security controls that are currently available. Similar concepts apply to cellular technology; with each generation, security is improved, and encryption is added. Additionally, we collaborate closely with the standards bodies to ensure that the new standards are, by design, as secure as possible,” Gomez continued.

That does not, however, preclude the possibility of exploitation. He believes that one of the challenges that he sees is the abundance of security features in both their own and other companies’ products. Customers don’t always take advantage of all of those security settings, since they occasionally configure them just to forget them later.

“To ensure that the security capabilities we have are used as efficiently as possible, it is crucial that we collaborate with our partners and customers,” said Gomez.

To summarize, as security systems advance, hackers and other criminals also advance in intelligence and sophistication. He thinks that due of the increase in computer processing power, companies must seek for alternatives other than password-cracking software because there will always be more and more computing power available to get around basic security measures.

Network availability and security in the metaverse 

Connectivity has always been important in the eyes of Aruba. They consider connectivity to be absolutely essential, whether it is inside or outside the metaverse. Gomez said, referring to the epidemic, “if it wasn’t for network connectivity, we wouldn’t have been able to talk to our parents, our grandparents, or our friends, since we’re all within our own houses and we couldn’t sort of travel.”

He thinks that there will be some really intriguing potential with the metaverse in particular to construct digital twins and simulations of many networking things that could be very challenging to create physically. However, it may also be quite interesting to be able to recreate some of those phenomena inside the metaverse.

“As with a lot of new technologies, it needs to be faster in order to have that high grade of resolution and responsiveness. So, inside or outside the metaverse, connectivity is unquestionably a table stakes moving forward, and it has been for a while, he continued.

Mitigating network breaches

Adopting zero-trust principles is something that businesses should do. “On top of that, ensure that your staff receives proper training because, unfortunately, often people are the weakest link in cybersecurity. And the reason for that isn’t that the person is a lousy worker or has bad intentions; rather, it’s because cybercriminals are incredibly skilled at what they do,” said Gomez.

He believes that it’s very important to make sure that IT professionals look at all of the more non-technical colleagues as part of the solution and not part of the problem.

Furthermore, he added that it’s crucial that threats not only originate from outside the network but might also be inside it, known as an insider threat. If someone is trying to access the network using valid credentials that they stole from an employee, it becomes exceedingly difficult because all of the authentication was correct.

“That’s where things like behavioral analytics is very important. And again, adopting zero trust principles, working with your infrastructure vendors to help you on that journey, and making sure that your employees are educated continuously about the importance of cybersecurity,” he concluded.

---

---

---

---