security asean

NOVEMBER 2015ASEAN | VOL.6

LEGISLATION REQUIRED TO MOTIVATE ASEAN ORGANIZATIONS TO SHARPEN CYBER SECURITY

MALAYSIA RANKED THE MOST CYBER-SAVVY NATION IN ASIA, BUT SECURITY GAPS REMAIN

SINGAPORE AND THE UK COLLABORATE TO ADDRESS PRIVACY IN BIG DATA AND CLOUD

I N F O R M A T I O N

A S E A NSECURITY

SINGAPORE BUSINESSES BOLSTER CYBER DEFENSES

Organizations in Singapore are increasing cyber security resources and education in a bid to counter the rising tide of cyber attacks

HOME

SINGAPORE-BASED ORGANIZATIONS INCREASE

CYBER SECURITY RESOURCES AND

EDUCATION

SINGAPORE AND THE UK COLLABORATE TO ADDRESS

PRIVACY IN BIG DATA AND CLOUD

LEGISLATION REQUIRED TO MOTIVATE ASEAN ORGANIZATIONS TO

SHARPEN CYBER SECURITY

MALAYSIA RANKED THE MOST CYBER-SAVVY NATION IN ASIA, BUT

SECURITY GAPS REMAIN

2 INFORMATION SECURITY n ASEAN n NOVEMBER 2015

CYBER CRIME

CYBER CRIMINALS TARGETING Singapore are undeterred by the increased probability of being caught now that the city state has strengthened up cyber security measures to combat illegal activities

perpetrated online. And they appear to have their sights firmly fixed on Singapore’s businesses.

In July, the Cyber Security Agency (CSA) issued an advisory warning about phishing emails purported to be from [email protected]. GeBIZ is a government-to-business (G2B) public e-procurement business center where suppliers can conduct electronic commerce with the Singapore government.

The fraudulent email advised GeBIZ trading partners to complete a one-time account update following the roll-out of the enhanced SingPass system. User credentials were stolen when users entered their username and pass-word on the phishing page.

SINGAPORE STRIVES TO COUNTER RISING SURGE OF CYBER ATTACKSOrganizations in Singapore are raising their game to increase cyber security resources and education in a bid to counter the rising tide of cyber attacks By Sophia Yao

BAHR

IALT

AY/F

OTOL

IA

http://www.computerweekly.com/news/4500255474/Former-MI5-director-optimistic-about-cyber-security

https://www.csa.gov.sg/

http://searchexchange.techtarget.com/tip/Throw-users-a-line-to-thwart-an-email-phishing-attack

http://www.computerweekly.com/news/4500255713/Mobile-commerce-catching-traditional-e-commerce-in-Asean

https://www.singpass.gov.sg/spauth/login/loginpage?TAM_OP=login

HOME



EDUCATION








on a series of anti-scam awareness campaigns, some of them tackling cyber extortion.

But protecting the city against shady characters lurk-ing online poses a huge challenge for law enforcers when

almost three-quarters of Singaporeans spend an average of five hours each day online on a desktop or laptop, and two hours a day on their smartphones and tablet PCs.

WAKE-UP CALLSingaporeans’ cavalier attitude towards the internet received a reality check two years ago when a Symantec report claimed that the city state has the highest per capita losses from cyber crime in the world, with an average cost per victim pegged at S$1,448. It was the highest among the 24 nations surveyed and four times the global average.

RISING E-COMMERCE CRIMEIn its recently released mid-year crime brief covering January to June 2015, the Singapore Police Force reported commercial crimes had risen by more than 55% com-pared with the same period in 2014. This is despite the rate for virtually all types of illegal activities decreasing. Of the various commercial crimes, those involving e-com-merce saw a large increase of nearly 66% when compared with the first six months of 2014.

“The growing trend of online crime is a cause for concern,” says David Chew, director of the commer-cial affairs department at the Singapore Police Force. “While we will do all we can to investigate, deter and disrupt the activities of these criminals, the public has an important role to play.”

Based on the latest half-year figures, online scams tar-geting buyers totaled 1,015 cases, up by almost 62% over the 2014 period, with the amount of money involved esti-mated at S$450,000. Meanwhile, online scams targeting sellers rose to 68 cases between January and June 2015, a 74% increase over the year before.

“Online transactions may be convenient, but the pub-lic should always be alert and exercise due diligence when engaging in online transactions to avoid falling victim to scammers,” says Chew. He adds that some scammers may even be linked to a criminal syndicate operating overseas.

The Singapore Police Force has been working with the National Crime Prevention Council since November 2014

CYBER CRIME

Protecting the city against shady characters lurking online poses a huge challenge for law enforcers when almost three-quarters of Singaporeans spend an average of five hours each day online on a desktop or laptop, and two hours a day on their smartphones and tablet PCs

http://www.computerweekly.com/news/2240201357/Survey-reveals-true-global-cost-of-cyber-attacks

http://searchsecurity.techtarget.com/answer/How-can-e-commerce-website-security-be-ensured

http://searchsecurity.techtarget.com/answer/How-can-e-commerce-website-security-be-ensured

http://www.ncpc.gov.sg/

HOME



EDUCATION








Twelve months after the incident was reported, SingPass added a new security layer, with a two-step method of identity verification for users conducting sen-sitive transactions online. After logging in with their SingPass user ID and password, the additional second step sees users enter a one-time passcode, which can be delivered either through a token or SMS.

More than 100 government e-services now require two-factor authentication, according to IDA. These include essential services such as those by the Central Provident Fund Board (CPF), Inland Revenue Authority of Singapore (IRAS) and the Ministry of Manpower.

“No system is entirely fool-proof. However, the measures that we’ve put in place make it considerably

“The cost of Singaporeans not knowing how, or worse not bothering, to protect themselves from online threats could be very high indeed,” said Infocomm Development Authority (IDA) managing director Jacqueline Poh dur-ing the National Infocomm Security Competition in September 2014.

“Since we assume you are not going to unplug yourselves from the benefits of being online, it is important for all of us to understand the various ways we can be hacked, so that we can avoid being victims,” she told student participants of a competition intended to encourage local people to adopt good cyber security practices.

The high-profile hacks of Target and Home Depot in the US that received wide press worldwide certainly increased awareness of cyber crime among Singaporeans. But the greatest impact was when the threat hit closer to home. Last year, hackers broke into the customer data-base of local karaoke company K Box, leaking the mobile phone numbers, ID numbers and addresses of more than 317,000 members.

Likewise, IDA revealed last year that 1,560 SingPass accounts had been breached, possibly exposing citizens’ data – including addresses, income and car registration numbers, among others. About a quarter, or 419, of these users had their passwords illegally reset. SingPass is Singapore’s e-government services portal, set up in 2003.

CYBER CRIME

“ No system is entirely fool-proof. However, the measures we’ve put in place make it considerably more difficult for a hacker or someone else to breach the accounts and sensitive data of SingPass users and make transactions on their behalf for nefarious purposes”— Jacqueline Poh, IDA

http://www.computerweekly.com/feature/How-to-ensure-strong-passwords-and-better-authentication

HOME



EDUCATION








CYBER CRIME

Crest certification for penetration testers in Singapore. The certifications will serve as a competency baseline for practising professionals and service providers. Under this MOI, the partners will set up a Crest Singapore Chapter next year.

CSA and IDA have established the Cyber Security Associates and Technologists (CSAT) program to train ICT professionals to acquire practical skills for special-ised job roles for cyber security operations. The program is aimed at helping fresh and mid-career ICT individuals attain the necessary practical skills to better equip them for cyber security roles.

“We are excited to be taking these strides forward with our partners to enhance Singapore’s cyber secu-rity capabilities as well as raise the quality of the indus-try and workforce,” says CSA CEO David Koh. “These partnerships pave the way for us to work closely together on innovative solutions to strengthen our cyber secu-rity core. We look forward to establishing more of such

more difficult for a hacker or someone else to breach the accounts and sensitive data of SingPass users and make transactions on their behalf for nefarious pur-poses,” said Poh.

CREATING A CYBER SECURITY ECOSYSTEMThe CSA, which consolidates and co-ordinates the city’s cyber security capabilities across different sectors, is at the forefront of Singapore’s efforts to push back the new wave of online threats that could endanger commerce and national security.

In early October 2015, the agency inked several partnership deals with local and foreign industry play-ers – among them Singtel, Check Point and FireEye – for initiatives intended to strengthen the cyber security ecosystem.

With Singtel, the CSA expects to develop indigenous R&D. Bill Chang, CEO of Singtel Group Enterprises, says: “A resilient cyber security ecosystem will help reinforce Singapore’s position as a key business hub for innovation while building the foundation of a safe and smart nation.”

One key area of collaboration between Singtel and CSA will be the training of cyber security professionals – which is one of the key goals of Singapore’s five-year National Cyber Security Masterplan 2018.

CSA also signed a Memorandum of Intent (MOI) with Crest International and the Association of Information Security Professionals (AISP) to introduce

CSA and IDA have established the CSAT program to help ICT professionals attain the necessary practical skills to better equip them for cyber security roles

http://www.computerweekly.com/news/2240206139/Education-and-skills-key-to-cyber-security-says-ISC2

http://www.computerweekly.com/news/4500247514/We-are-in-early-years-of-international-cyber-war-arms-race-says-security-expert-Bruce-Schneier

https://www.ida.gov.sg/Programmes-Partnership/Store/National-Cyber-Security-Masterplan-2018

HOME



EDUCATION








consequential partnerships to achieve the vision of a secure smart nation for Singapore.”

Singapore’s business community, particularly those from the financial sector, welcomed CSA’s partnership with Crest.

“Financial institutions face increasing cyber threats. It is therefore critical they conduct robust penetration testing to identify and rectify system vulnerabilities promptly and efficiently,” says Wong Nai Seng, assis-tant managing director at the Monetary Authority of

Singapore: “Crest’s Singapore chapter will help deepen the pool of qualified penetration testing expertise in Singapore and the region and strengthen our financial institutions’ cyber defences.”

Ong-Ang Ai Boon, director at The Association of Banks in Singapore, echoed the sentiment. “Crest will provide financial institutions and outsourced service pro-viders a better assurance on the quality of penetration testing services and, in turn, enhance the overall cyber security posture of banks in Singapore.” n

TechTarget ASEAN Media Group

TechTarget8 Cross Street Level 28PWC BuildingSingapore048424

EDITOR Karl FlindersPRODUCTION EDITOR Claire CormackSENIOR SUB-EDITOR Jason Foster

SUB-EDITORS Ben Whisson, Jaime Lee Daniels VICE-PRESIDENT APAC Jon PankerDESIGN Claire Cormack

© 2015 TechTarget Inc. No part of this publication may be transmitted or reproduced in any form or by any means without written permission from the publisher. TechTarget reprints are available through The YGS Group.

About TechTarget: TechTarget publishes media for information technology professionals. More than 100 focused web-sites enable quick access to a deep store of news, advice and analysis about the technologies, products and processes crucial to your job. Our live and virtual events give you direct access to independent expert commentary and advice. At IT Knowledge Exchange, our social community, you can get advice and share solutions with peers and experts.

COVER IMAGE: TOMML/ISTOCK

CYBER CRIME

http://searchsecurity.techtarget.com/tip/How-to-take-a-measured-approach-to-automated-penetration-testing

http://searchsecurity.techtarget.com/tip/How-to-take-a-measured-approach-to-automated-penetration-testing

mailto:kflinders%40techtarget.com?subject=

mailto:ccormack%40techtarget.com?subject=

mailto:jfoster%40techtarget.com?subject=

mailto:bwhisson%40techtarget.com?subject=

mailto:jdaniels%40techtarget.com?subject=

mailto:jpanker%40techtarget.com?subject=

mailto:ccormack%40techtarget.com?subject=ISM%20ezine%20-%20Asean

http://reprints.ygsgroup.com/m/techtarget

HOME



EDUCATION








Singapore and UK researchers team up to investigate security and privacy in big data eraAcademic organizations in Singapore and the UK collaborate on the privacy questions raised by big data and the cloud — BY TAO AI LEI

RESEARCHERS IN SINGAPORE and the UK are working together to explore challenges posed by threats to cyber security and privacy in the cloud.

A proposal has been submitted for a joint big data project between Singapore and UK industries and government agencies to collaborate on privacy-preserving data analytics. This has applications for healthcare, homeland security and genomic data. If approved, the project will commence in 2016.

Muttukrishnan Rajarajan, professor of security engi-neering and lead of the Information Security Group at City University London, says a cross-border partnership and multi-disciplinary approach is needed. Technologists, researchers and academics with backgrounds ranging from social sciences to computer science, engineering and maths need to collaborate to counter these challenges, he says.

Despite the obvious benefits, there are significant privacy and security issues surrounding big data analyt-ics and the cloud. “Big data provides immense benefits

ranging from innovative business models to new ways of treating deadly diseases,” says Rajarajan. “However, chal-lenges to privacy arise because technologies collect a lot of data from embedded sensors available in devices and analyse them so efficiently that it is possible to infer new knowledge without the user being aware of it.”

Rajarajan says existing privacy-preserving techniques do not provide the necessary data controls to safeguard an individual’s privacy.

While large organizations have the financial resources to invest in powerful private computers and servers to process data, the reality is most companies lack such capabilities and need infrastructure such as the cloud

DATA PRIVACY

Existing privacy-preserving techniques do not provide the necessary data controls to safeguard individuals’ privacy

https://www.city.ac.uk/people/academics/muttukrishnan-rajarajan

HOME



EDUCATION








to process big data, says Lu Rongxing, assistant profes-sor, School of Electrical and Electronic Engineering at Nanyang Technological University in Singapore.

Technology to anonymize data may work well for plain text, but it is not sufficient to de-personalize data that comes in a variety of formats. “If the data is not authentic, newly mined knowledge will be unconvincing; while if privacy is not well addressed, people may be reluctant to share their data,” says Lu.

The team at Nanyang Technological University has been working on efficient and privacy-preserving comput-ing for big data. Rajarajan gave an example of a challenge that privacy-preserving data analytics can help resolve. He says it could pick up suspicious discussions about fluctu-ating trading prices among traders without knowing the identity of the individuals involved in these discussions. Then the bank could be alerted to take action.

WHAT IS PERSONAL DATA?An example of multi-disciplinary collaboration was the International Workshop on Cloud and Big Data Security, sponsored by the US Office of Naval Research, UK Engineering and Physical Sciences Research Council, Nanyang Technological University and City University London.

The workshop took place in September 2015 at Nanyang Technological University, with participants from Asia, Europe and the US.

DATA PRIVACY

The speakers represented many disciplines and coun-tries, mirroring the multi-disciplinary approach Rajarajan says is needed to solve the challenges thrown up by big data analytics and the cloud.

This includes understanding what constitutes personal data, says Alison Knight, senior researcher at the Law School of the University of Southampton.

Data that is not personal may be processed in the cloud free of data protection law requirements. However, the question is whether commonly encountered data in the cloud is personal data. This includes fragmented data, as well as data that has been through an anonymization process prior to its use in the cloud, such as key-coded or pseudonymized data, as well as encrypted data.

Another challenge for cloud organizations and custom-ers is that it is very hard to guarantee data that has been through an anonymization process is sufficiently de-per-sonalized to ensure its processing would not attract legal obligations under data protection law. This is because there is always the residual risk of re-identification of the subjects

Technology to anonymize data may work well for plain text, but it is not sufficient to de-personalize data that comes in a variety of formats

http://www3.ntu.edu.sg/home/rxlu/

http://www.city.ac.uk/news/2015/september/city-to-co-host-international-workshop-on-cloud-and-big-data-security-in-singapore-on-21st-and-22nd-september

http://www.city.ac.uk/news/2015/september/city-to-co-host-international-workshop-on-cloud-and-big-data-security-in-singapore-on-21st-and-22nd-september

http://www.southampton.ac.uk/ilaws/about/our_students/alison_knight.page

HOME



EDUCATION








from data where it is analyzed in combination with other information that may be available.

Other challenges include determining which laws apply to data processed in the cloud, which partly depends on determining the location of personal data pro-cessing and its storage and deciding who is responsible for personal data in the cloud.

“Addressing privacy issues in cloud computing is not a straightforward issue and legal rules change over time worldwide,” says Knight. “Now, policy makers are pushing for major change – fast-tracking concepts of fairness of personal data processing, placing more emphasis on orga-nization accountability and driving increased awareness and enforcement of data protection.”

INDIVIDUALS NOT PROTECTED BY SINGAPORE PDPAEurope is regarded as having the pre-eminent data privacy legal model, while countries in the Asia-Pacific are grap-pling with data privacy issues, having recently seen the most rapid development in privacy laws.

Even though Singapore has enacted its data privacy regulations with the Singapore Personal Data Protection Act 2012 (PDPA), which became effective as of 2 July 2014, it remains to be seen if it will be strongly enforced, says Knight. The data privacy rules in Singapore and the Asia-Pacific are generally less stringent than European Union (EU) standards. Singapore’s PDPA does not link data protection with a fundamental right to privacy, as the

laws in the EU do. Singapore has made it clear the PDPA applies to businesses, not private individuals.

DATA PROTECTION ADVANCESThe UK’s Data Protection Act has forged ahead in some areas, says Rajarajan. For instance, it has differentiated between different variants of personal data – so-called personally identifiable information (PII) – to encompass any data from which an individual can be identified.

The UK is also working on big data analytics by bring-ing different languages together to enable data mining on multiple languages, suitable for the government in terms of intelligence and defence. This technology could be highly relevant for a multi-lingual society such as Singapore, says Rajarajan. In the area of data privacy, the UK has set up 14 controls or principles for data protection in the cloud. “Anyone who wants to be a cloud provider in the UK has to comply with these controls from UK government,” he says.

However, it is not all one way, with Rajarajan saying Singapore has made some new ground. For example, con-sent is required before organizations can process personal data and it is mandatory for every organization that col-lects personal data to have a data protection officer, but this is not yet the case in Europe. n

TAO AI LEI has written about the technology industry for over 10 years, and is the former editor of a regional IT weekly in Asia. She is based in Singapore, and can be reached at [email protected].

DATA PRIVACY

mailto:taoailei%40gmail.com?subject=

HOME



EDUCATION








ASEAN COUNTRIES HAVE been slow to produce comprehensive national cyber security strategies and imple-ment the necessary legal frameworks for security and critical infrastructure

protection, according to research.The BSA’s Asia-Pacific cyber security dashboard found

that all markets reviewed have gaps in their cyber secu-rity capabilities, and there are opportunities to improve the systems needed to protect against, prevent, mitigate and respond to cyber attacks. It examined the national cyber security strategies of 10 countries in the Asia-Pacific region, of which four are ASEAN countries – Singapore, Malaysia, Indonesia and Vietnam.

BSA, an industry trade group that represents sev-eral software giants, considers it critical for countries to develop comprehensive national cyber security strategies and sector-specific plans that are practical, flexible, risk-based and respectful of privacy and other civil liberties.

By an ASEAN correspondent

MORE LEGISLATION NEEDED TO BOLSTER ASEAN CYBER SECURITYASEAN countries will need legislation to motivate organizations to step up their cyber security activities

CYBER SECURITY LAW

http://cybersecurity.bsa.org/2015/apac/

HOME



EDUCATION








contrast, says Ragland, Indonesia and Vietnam need to do more to leverage the private sector’s cyber security knowl-edge and best practices.

On a positive note, Ragland says ASEAN countries have set up computer emergency response teams (Certs) and related operations, which can play a crucial role in improving a market’s cyber security capabilities.

Singapore has a five-year national cyber security mas-terplan in place, and its new Cyber Security Agency recently began operations. Although Malaysia does not have a standalone cyber security strategy, it does have a collection of policies and strategies, and its govern-ment plans to completely revise and strengthen this suite of policies by 2017. Meanwhile, Indonesia and Vietnam are in the earlier stages of developing national cyber security strategies.

“Implementation of sector-specific responses to cyber security in ASEAN, and in fact across the Asia-Pacific region is very limited,” says Jared Ragland, director of pol-icy for APAC at BSA.

Simon Piff, associate vice-president for enterprise infrastructure at IDC Asia-Pacific, agrees there is a lack of local legislation covering cyber security. “With no really meaningful data management laws in place, and abso-lutely no disclosure laws in most markets, the need to secure data is not as high on the agenda for most ASEAN organizations as it perhaps should be,” he says.

But Piff expects this to change soon as organizations that are in some way involved in a security breach may be expected to pay their share of lawsuit costs, which can be hefty. The lawsuit costs faced by Target and Home Depot could amount to $8m to $10m each.

“This means that a local organization that did not patch a web server which then gets used in a hack could potentially be liable,” says Piff. “While the laws may not yet be in place to deliver on this reality, such a reputa-tion in the US or EU markets could severely cripple many local businesses.”

TIME FOR ACTIONTo date, Malaysia and Singapore have established public-private partnership initiatives to take advantage of private-sector experience in preventing, detecting, responding to and mitigating cyber security incidents. In

CYBER SECURITY LAW

“ With no really meaningful data management laws in place, and absolutely no disclosure laws in most markets, the need to secure data is not as high on the agenda for most ASEAN organizations as it perhaps should be”— Simon Piff, IDC Asia-Pacific

HOME



EDUCATION








ability to develop effective cyber security capabilities,” says Ragland.

For ASEAN countries to really improve their cyber security, the first step is to realize their responsibility.

“Sadly, for many ASEAN businesses, it will take legislation to make this responsibility a reality, and even then it will take the enforcement of such legislation to make it stick,” says Piff. “This new world, where being part of the kill-chain could result in severe financial impact, to my mind is the more pressing motivator for the ASEAN markets.” n

“The Indonesian market is hampered by the impo-sition of local standards and testing requirements that are inconsistent with a truly international approach to addressing cyber security and will likely slow Indonesia’s

CYBER SECURITY LAW

For ASEAN countries to really improve their cyber security, the first step is to realize their responsibility

MAX

SIM

/FOT

OLIA

HOME



EDUCATION








and credit card details online and connect to unsecured public Wi-Fi networks.

The Eset report found 93% of online users in Asia worry about cyber security – but only three in five consumers can answer basic cyber security questions correctly.

The study also found that cyber savviness does not equate to being secure. For example, users in Indonesia and India take the highest number of precautions, despite having the lowest levels of cyber security awareness. On the other hand, countries such as Malaysia, Singapore and

MALAYSIA AND SINGAPORE are the top two most cyber-savvy nations in Asia, according to the Eset Asia cyber savviness report 2015.

But although both countries, along with other Asian countries, have large numbers of internet users, those users tend to take unnecessary risks when they are online, which leaves them vulnerable to cyber attacks, says the report.

The report found users labour under the misconception that their personal accounts and activities are not likely to be a target for hackers, and some may be trading security for convenience – partly due to a lack of awareness.

Many of the 1,800 respondents – polled from ASEAN countries such as Malaysia, Singapore, Thailand and Indonesia – commit basic mistakes, such as using pass-words with easy-to-access personal information, such as their date of birth or surname. They also store passwords

RISK MANAGEMENT

Malaysia the most cyber-savvy nation in Asia according to Eset, but security gaps remainEset report ranks Malaysia and Singapore as the top two most cyber-savvy nations in Asia – but many internet users still take unnecessary security risks — BY TAO AI LEI

The Eset report found 93% of online users in Asia worry about cyber security – but only three in five consumers can answer basic cyber security questions correctly

http://www.eset.co.uk/Press-Centre/News/Article/ESET-Report-Huge-Gap-in-Cyber-Security-Knowledge-Leaves-Asia-Vulnerable

http://www.eset.co.uk/Press-Centre/News/Article/ESET-Report-Huge-Gap-in-Cyber-Security-Knowledge-Leaves-Asia-Vulnerable

HOME



EDUCATION








“Most organizations are aware of the issues of not patch-ing public-facing systems – and yet many go unpatched for a variety of reasons. If commercial entities cannot maintain high levels of cyber security, why would individuals?”

INCREASING COMPLEXITYAnother challenge is that cyber attacks are also becoming more complex, even as the barriers to entry for internet access are reducing. “It’s almost impossible to deny access to a hacker who is sufficiently motivated to break into your systems. Most security has focused on the perime-ter. In reality this is no longer a realistic expectation and security strategies need to move away from this approach to a defence-in-depth strategy,” says Piff.

An area that needs to play catch-up is adequate train-ing for users. The lack of formal cyber security education is a significant issue and the study found that four in 10 online users said they gained most of their information about online security through unofficial sources, such as doing their own online research or from their families and acquaintances. Piff adds that commercial organiza-tions are only just beginning to use formal training, so consumers who are not part of such organizations may not have access to such knowledge. n

TAO AI LEI has written about the technology industry for over 10 years, and is the former editor of a regional IT weekly in Asia. She is based in Singapore, and can be reached at [email protected].

Thailand – which ranked among the top in the savviness survey – came in near the bottom in protecting themselves.

“Hackers are like predators in a jungle – they look for easy targets and the path of least resistance. The survey results show that, while consumers are adopting tech-nology quickly, they are unwittingly putting themselves at risk by not appreciating the need to secure their new devices, which can be done very easily,” says Parvinder Walia, sales director for APAC at Eset.

This disconnect is unsurprising, says Simon Piff, associ-ate vice-president for enterprise infrastructure at IDC Asia-Pacific. “Many ASEAN users are getting online with highly user-friendly smartphones or tablets. The level of formal

training required to get online is significantly lower than ever before. Tie this to the growing level of public Wi-Fi availability, social media use and the demands of access over everything else, then there will obviously be more users who are less educated about the issues,” says Piff.

RISK MANAGEMENT

“ Consumers are adopting technology quickly but unwittingly putting themselves at risk by not appreciating the need to secure their new devices,”— Parvinder Walia, Eset

https://www.idc.com/getdoc.jsp?containerId=PRF003193

security asean

Software