This is Part 1 of a 3 part series. Read Part 2 and Part 3 here.
The Association of Southeast Asian Nations (ASEAN) is the world’s fastest-growing internet region, with the user base now at 480 million people. Digitalisation in Southeast Asia has important economic implications. By 2025, online spending could rise more than six-fold to US$200 billion. Most of this consumption will be in the areas of electronics, clothing, household goods, and increased travel across the region and elsewhere. This all bodes well in terms of building a middle class and fostering job growth in the region.
At the same time, there are negative sides to the transformation to a digital economy, with cyberterrorism, cyber fraud, and identity theft increasingly threatening its potential. Bad actors are working fast and creatively to wreak havoc on countries, businesses, and people. Today, the quality of a nation’s technology backbone is likely to influence its economic success. If cybersecurity is threatened, investor confidence in the ASEAN Economic Community (AEC) will begin to decay.
On a podcast by the Centre for Strategic and International Studies (CSIS), co-hosts Jim Lewis and Chris Painter talked with David Koh, Chief Executive of the Cyber Security Agency of Singapore (CSA). They discussed progress in cybersecurity done by the CSA in its first six years, technical and policy cooperation within ASEAN, and next steps in cyber diplomacy after the conclusion of the current United Nations’ Open-Ended Working Group (OEWG) processes.
David stated that Singapore’s CSA is on a steady pace in the last six years, but it has been a frantic and hectic rollercoaster ride altogether. For him, they have made significant progress in Singapore in terms of cybersecurity. Firstly, by instilling the realisation that the country is tremendously dependent on digital infrastructures as a highly connected society. The way we work, the way we play, all kinds of things that we do depend on the internet today. This should make organisations and citizens realise that cybersecurity is an integral part of these practices. David also sees cybersecurity as a key enabler for the nation to continue the way it lives, works, and plays. From that perspective, CSA was born. David said that he had the great honour of being selected to head up the organisation. He also noted that significant high-profile cyber hacks that occurred around the world are real. These cyber-attacks brought the message home to Singapore, a message that cyber risks must be taken care of.
Prime Minister Lee’s launched Singapore’s national cybersecurity strategy during the inaugural SICW in 2016. By doing so, it galvanised the domestic audience by showing a commitment from the national government that boosting cyber resiliency is something that needs to be done.
In the ASEAN, David conceded, no man is an island, all more so in cyber issues. The nature of digital is cross border international. The country must realise that no matter what happens in Singapore, it would not be sufficient to curtail the widespread cyber threats. Singapore knows that its economic growth is tied to the ASEAN region thus building up the region’s cyber resiliency is vital. To do this, David noted, that ASEAN countries should leverage ICT technologies in terms of economy, education and so on. The region can fully leverage these tech advancements if it can also deal with cyber risks as well. The message is clear that nations are all dependent on each other and they can only reap the full benefits of digitalisation by dealing with cyber issues. Meanwhile, David is also glad that ASEAN members attend their meetings on cybersecurity at a ministerial level. That is how the ASEAN Ministerial Conference on Cybersecurity (AMCC) was launched.
From a larger perspective, David also mentioned that a rules-based framework must be implemented when dealing with cybersecurity. Therefore, the United Nations (in general) is an appropriate platform for cyber discussions to take place, given its open and inclusive nature for all 193 member states. By conducting discussions on the forum, UN members can now see the importance of cybersecurity for their respective countries. The broadening of the conversation on cyber resiliency and producing a consensus report from the UN OEWG is a significant achievement.
Accordingly, David said that if the approach in cybersecurity is in the same direction, whether it be for the potential impacts of cyber threats, up to the solutions that can deal with them, countries can expect a positive outcome in terms of strengthening cyber resiliency. Leaders and decision-makers must recognise that cybersecurity is an issue, and they need to work together so everyone can move forward in this journey of full digital transformation.