Cybercriminals can be certain about a few things.
- Most companies store their important data on their networks. Patents, innovative designs, customer information, and confidential data — it’s all there.
- Intellectual property is highly valuable, making it the number one thing cybercriminals target.
- Many companies don’t understand the latest security practices and don’t install the latest patches on their security products, leaving an open door for cybercriminals to steal what matters most.
- You don’t have to be a large government agency or an energy company to be an attractive target. Every company, no matter how small, has sensitive data that can be stolen and re-sold.
- This is a growing and lucrative market.
The National Cyber and Crypto Agency (BSSN) acknowledges that technological advancements will trigger increasingly massive and diverse cybersecurity risks and threats. These threats focus on social, psychological, and behavioural aspects and activities aimed at influencing or manipulating individuals, groups, or communities, which can disrupt mindsets, behaviours, and human interactions.
Instances of these social cybersecurity threats include disseminating false electronic information, also known as information disruption. Information disruption is divided into misinformation, disinformation, and misinformation, real threats that can spread fear or provoke and lead to the widespread dissemination of false news and even propaganda.
One of BSSN’s steps in anticipating social cyberattacks is to strengthen the culture of information security by collaborating with the Directorate General of Public Information and Communication (Ditjen IKP) of the Ministry of Communication and Information Technology through the joint creation of content in Komik Komunika with the theme “Digital Deception.”
Acting Director of Security and Information Control Operations at BSSN, Satryo Suryantoro, welcomed the cooperation and collaboration established by publishing Komik Komunika edition 48. The introduction of the character Cody in this comic edition strengthens the connection between the world of cybersecurity literacy and a more engaging visual approach.
Previously, Cody was introduced in the cybersecurity literacy series titled “Cybernaut Generation 1.0.” Cody’s presence in the comic provides continuity in delivering crucial messages about cybersecurity to various audiences, especially the younger generation, who may be more connected to visual forms of communication.
There is also the Latest Social Cyber Education News (BESTI), which has successfully published 8 editions in 2 languages. The presence of bilingual versions is an effort to ensure that as many people can receive messages related to cybersecurity as possible. Using two languages, BESTI strives to embrace diverse audiences, including those who may be more comfortable with one language. It also makes the cybersecurity education approach more inclusive and far-reaching.
In other words, this comic is part of a broader strategy to educate the public about the importance of cybersecurity and how they can protect themselves online. Through various communication tools such as comics, literacy materials, and educational news, this effort aims to reach a wider audience and create a better understanding of the challenges and solutions in the ever-evolving cyber world. The more people receive this message, the better the community’s ability to face existing cybersecurity threats.
Satryo is optimistic that cybersecurity literacy in Indonesia can be strengthened through ongoing cooperation and collaboration. He plans to collaborate even in Remote, Frontier, and Outermost Areas (Daerah 3T).
“I am optimistic that the results of the collaboration, such as Komik Komunika, can be accessible to the younger generation, both in urban areas and in Daerah 3T,” Satryo adds.
Nursodik Gunarjo, Director of Media Management at the Directorate General of IKP Kemenkominfo, stated that cybersecurity awareness is conveyed through various media, including comics. According to Gunarjo, comics are deliberately chosen because images and visual presentations appeal more strongly to the younger generation. Moreover, the fact that Indonesia is the largest consumer of comics in the world.
He also expressed his optimism that cybersecurity literacy through comics can increase the younger generation’s understanding, awareness, and participation in efforts to maintain Indonesia’s cyber sovereignty.
“Without active participation from the younger generation in applying cybersecurity, the risks to our country in the digital world will increase,” he said.
The world’s first integrated cyber defence, cyber security, and emerging technology event, CYDES 2023, took place at the Malaysia International Trade and Exhibition Centre (MITEC) in Kuala Lumpur, Malaysia, highlighting the importance of addressing cyber-threat challenges and fostering collaboration within the ASEAN region.
Cybersecurity leaders across Asia concur that collaboration and breaking down silos among organisations and sectors are essential for success in tackling the complex and ever-evolving challenges of cybersecurity, ensuring the preservation of digital infrastructure.
David Koh, Commissioner of Cybersecurity and Chief Executive of the Cyber Security Agency (CSA) of Singapore, emphasised the importance of collaboration among different agencies to effectively address cybersecurity challenges, “Cyber is a team sport. We can’t do this by ourselves.”
For example, the Cyber Security Agency of Singapore works closely with the Ministry of Home Affairs, the Ministry of Defence, and the Ministry of Communications and Information to share critical information and coordinate responses to cyber threats.
However, to effectively combat cyber threats, government agencies require the cooperation and active involvement of businesses, academia, and civil society as valuable partners in the collective effort to strengthen cybersecurity measures.
According to David, in the rapidly evolving cyberspace landscape, private companies possess valuable intelligence, operational capabilities, and technical know-how that complement government efforts, making partnering with the private sector essential for robust cybersecurity measures.
This collaborative approach fosters a comprehensive and unified response, leveraging diverse expertise and resources to safeguard digital infrastructures and protect against evolving cyber threats.
“Governments must therefore collaborate with the private sector to enhance their cybersecurity posture,” David believes. “Public-Private Partnerships (PPPs) play a crucial role in fostering information sharing, promoting collaborative research and development, and driving innovation in cybersecurity, enabling governments and private companies to jointly address the ever-growing challenges of the digital era.”
The successful partnership between the Singaporean government and a private technology corporation during the response to the SolarWinds attack exemplifies how PPPs can leverage private sector expertise to obtain critical technical information and develop actionable indicators of compromise, enhancing the collective cybersecurity defence capabilities.
This is merely one instance in which PPPs can assist the public sector in enhancing its cybersecurity posture. Governments and companies can make the digital world safer for everyone by working together and safeguarding individuals, businesses and critical infrastructures in the digital frontier.
David highlighted the importance of adopting a new perspective, urging governments to share information with private businesses and embrace innovative ideas. This shift is challenging yet essential for effective cybersecurity in the digital world. By adjusting their approach and collaborating with private companies, governments can contribute to a safer digital environment for all.
Indeed, Public-Private Partnerships (PPPs) play a crucial role in cybersecurity, as they bridge the gap between the public and private sectors. By sharing information, expertise, and resources, these partnerships enhance the collective ability to detect, prevent, and respond to cyber threats effectively.
Moreover, PPPs facilitate the development of new technologies and innovative solutions, fostering a collaborative environment for tackling evolving cybersecurity challenges. Ultimately, such collaborations improve the coordination of cybersecurity efforts, leading to a more robust and secure global digital landscape and the world (digital and physical) a safer place for everyone.
Shamsul Bahri Hj Kamis, Interim Commissioner of Cyber Security Brunei (CSB), highlighted the need to examine current systems to harmonise cybersecurity in ASEAN. In 2017, ASEAN member states developed the ASEAN Cybersecurity Cooperation Strategy, outlining directions, objectives, and action plans to strengthen cybersecurity in the region.
The policy aims to tackle communication challenges arising from the multitude of sectoral groups within ASEAN working on cybersecurity. This is particularly challenging due to ASEAN’s consensus-based decision-making process, which can sometimes hinder progress.
However, various measures to address cybersecurity in ASEAN are already underway. The ASEAN Computer Emergency Response Team (CERT), which coordinates the response to cybersecurity incidents, and the ASEAN Cybersecurity Capacity Programme, which provides training and assistance to ASEAN member states in developing their cybersecurity capabilities, are two examples.
“To move forward, ASEAN must devise a strategy for more effectively sharing information and collaborating on addressing the most severe cyber threats,” Shamsul elaborates. “This will necessitate tight collaboration among governments, corporations and civil society.”
Shamsul believes that collaboration within ASEAN can create a secure and resilient digital environment for people and businesses. He stressed the need for shared awareness of the region’s risks and challenges, as well as a clear division of responsibilities among the various sectoral bodies.
Strengthening information sharing within ASEAN and with other nations, along with a focus on capacity building in member states, is essential as cybersecurity should be embraced as a shared responsibility by all stakeholders.
“By resolving these issues, ASEAN can make substantial strides towards regional cybersecurity harmonisation,” Shamsul is convinced.
Shariffah Rashidah Syed Othman, Acting Chief Executive of the National Cyber Security Agency of Malaysia (NACSA), agrees that cybersecurity is increasingly becoming a critical concern for governments and businesses globally, particularly in the ASEAN region, where the rapidly growing digital economy necessitates strong cybersecurity measures.
According to Shariffah, the cross-border nature of cyber threats is one of ASEAN’s greatest cybersecurity challenges. Cybercriminals can simply target victims in one country while operating from another. As a result, governments find it difficult to confront cyber threats on their own.
“By combining the resources and experience of governments and businesses, public-private partnerships can assist in addressing this challenge. Governments can provide regulatory and financial support, while businesses can share knowledge about cyber dangers and best practices,” Shariffah says.
Partnerships between the public and private sectors play a vital role in addressing the barrier of a lack of understanding of cyber risks in the ASEAN region. By collaborating, they can raise awareness of internet threats, educate businesses, and individuals on cybersecurity best practices, and collectively work towards creating a safer digital environment for all.
“ASEAN leaders must recognise that cybersecurity is a shared responsibility. Governments, businesses, and individuals must all work together to secure the region from cyber dangers,” Shariffah stressed.
The comprehensive strategy for enhancing cybersecurity in the region must encompass strengthened government cooperation, information sharing on cyber dangers, increased cyber risk awareness, improved critical infrastructure security, and robust protection of personal data. By addressing these crucial aspects collectively, ASEAN can build a more resilient and secure digital ecosystem for its residents and businesses.
Shariffah outlines several key advantages of public-private partnerships in cybersecurity, such as bridging the divide between technical and non-technical skills, fostering trust and collaboration between governments and enterprises, and facilitating the effective implementation of cybersecurity measures.
By leveraging these partnerships, ASEAN can enhance its cybersecurity capabilities, as governments and companies work together to create a safer and more secure digital environment for everyone in the region.
Shariffah advocates practising “cyber hygiene,” urging individuals to be vigilant about online risks and take proactive measures to protect themselves. This includes using strong passwords, regularly updating software, and exercising caution when sharing personal information on the internet. By promoting cyber hygiene, individuals can play an active role in safeguarding their digital security and contributing to a safer online environment for all.
She also stressed the importance of empathy in cybersecurity, highlighting the need to understand diverse perspectives and communicate in a language that is accessible to all. Recognising the different viewpoints held by individuals is crucial in addressing cybersecurity challenges effectively and fostering a collaborative and inclusive approach to cybersecurity initiatives.
“Cybersecurity is more than just a technical problem – it is a societal issue. Thus everyone needs to be included in the discussion. We can all live in a safer digital environment if we all work together,” Shariffah is convinced.
Indeed, understanding that cybersecurity is not solely a tech challenge but also a community one underscores the importance of involving all stakeholders. By acknowledging the broader societal implications of cybersecurity, public-private partnerships can effectively address challenges and implement comprehensive solutions that safeguard everyone in the digital landscape.
Cybersecurity for SMEs: A Workable Model
David Koh, Commissioner of Cybersecurity and Chief Executive of the Cyber Security Agency (CSA), knows the universal importance of cybersecurity for all organisations but understands there are challenges faced by small and medium-sized firms (SMEs). Due to limited resources and experience, SMEs may find it more difficult to implement effective cybersecurity measures.
The Cyber Security Agency (CSA) in Singapore has created a variety of programmes to assist SMEs in strengthening their cybersecurity posture. The Cyber Essentials mark, which offers a set of fundamental cybersecurity measures that all firms should follow, is one of these initiatives.
The Cyber Essentials mark four important areas including:
- Asset management: Includes cybersecurity awareness for its employees, and classifying and identifying each asset in your company, including its hardware, software, and data.
- Secure and Protect: This entails limiting who has access to and what they can do with the resources of your company.
- Update, backup, and Respond.
“SMEs can begin by adopting Cyber Essentials as a foundational step to strengthen their cybersecurity posture,” David advises. “However, these are just initial restrictions, and SMEs may need to implement additional measures based on their specific requirements and threats.”
If SMEs want to strengthen their cybersecurity posture, they should start with the Cyber Essentials,” David says. It’s crucial to keep in mind that these are merely fundamental, basic restrictions. Depending on their particular requirements and dangers, SMEs may need to implement additional steps, adding that CSA would be happy to share its framework with regional partners like Malaysia and Brunei.
Alongside the Cyber Essentials mark, the Cyber Security Agency (CSA) offers a range of tools to support SMEs in enhancing their cybersecurity. These resources encompass a cybersecurity training programme tailored for SMEs, a dedicated cybersecurity helpline, and a list of certified cybersecurity consultants who can guide SMEs in implementing the Cyber Essentials effectively.
By leveraging the CSA tools, SMEs can significantly bolster their cybersecurity defences and safeguard their businesses against online threats, ensuring the security and protection of their valuable assets and sensitive information.
In addition to CSA’s initiatives, SMEs can bolster their cybersecurity posture through various measures, including ensuring regular software updates, which often include vital security patches to safeguard against known vulnerabilities. Individuals can enhance their cybersecurity by using strong passwords and password management software, while organisations can educate their staff about cybersecurity threats.
Moreover, having a well-defined response plan for cyber incidents is essential for effective cybersecurity management.
“By adopting these measures, SMEs can protect themselves from cyber threats and maintain the security of their businesses,” David concluded.
Shamsul spoke about the Cyber Consortium, a regional programme established in 2021, aimed at bolstering the cybersecurity posture of Southeast Asian SMEs. Comprising academic institutions, IT partners, cybersecurity experts, companies, students, and government regulatory agencies, this collaboration focuses on enhancing cybersecurity resilience in the region.
The Cyber Consortium offers a comprehensive array of services to SMEs, including cybersecurity assessments, training and education, technical support for implementing security measures, and networking opportunities with other SMEs and cybersecurity experts, all aimed at strengthening their cybersecurity defences.
“It is a useful tool for SMEs trying to strengthen their cybersecurity posture. SMEs can get the assistance they need to safeguard their companies against cyber dangers by joining the consortium,” Shamsul believes.
Shariffa acknowledges the dynamic nature of the cybersecurity landscape, with evolving technologies and adaptable cyber threats posing challenges for enterprises and individuals to stay updated with the latest security measures.
“Malaysia’s government has made several efforts to assist businesses in improving their cybersecurity posture,” she reveals. “Funding a programme to assess SMEs’ cybersecurity; collaborating with the local sector to deliver managed security services to SMEs; and collaborating with telcos to impose basic cybersecurity hygiene on their services are all part of this.”
While the mentioned actions are valuable, there are further steps that businesses and individuals can take to bolster their protection against cyber threats. Staying vigilant and informed about the latest cybersecurity risks is crucial, involving keeping abreast of security news, reading security blogs, and participating in security conferences to stay well-prepared.
Adopting a layered security strategy is essential for businesses, involving the implementation of multiple security measures such as firewalls, antivirus software, and intrusion detection systems to provide comprehensive protection.
For individuals, safeguarding against cyber dangers includes using strong and unique passwords, being cautious while sharing personal information online, and remaining vigilant about potential phishing scams to ensure greater online safety.
Education plays a crucial role in strengthening cybersecurity. Businesses should invest in training their staff to recognise and respond to cybersecurity threats effectively. Additionally, having a well-defined incident response plan ensures a swift and organised reaction to cyber incidents, minimising potential damage.
Regularly testing security systems and conducting vulnerability assessments are essential practices to identify and address potential weaknesses in the network. Keeping software up to date with the latest patches and security updates is a fundamental measure to protect against known vulnerabilities and potential exploits.
“The cybersecurity landscape is continuously evolving, but by taking precautions, organisations and individuals may help keep themselves safe from cyber threats,” Shariffa ends. “Combining various efforts can significantly enhance the cybersecurity posture for both businesses and individuals.”
Trust Building in ASEAN Cybersecurity
David believes that focusing on shared goals is a powerful strategy to build trust and foster collaboration among diverse parties in the realm of cybersecurity. Establishing common objectives, such as protecting critical infrastructure from cyber threats, enables everyone involved to unite their efforts towards a collective purpose, leading to more effective and coordinated cybersecurity measures.
“By aligning interests and recognising mutual benefits, stakeholders can work together in harmony to strengthen cybersecurity and safeguard digital environments,” he says.
Sharing information is indeed a crucial approach to building trust and enhancing cybersecurity efforts among different organisations. While it may be challenging to exchange sensitive data, the benefits of sharing outweigh the risks. Timely and accurate information sharing enables organisations to recognise and respond to cyber threats more swiftly and effectively.
“Cybersecurity is a complex challenge, but we can conquer it if we all work together,” David says. “Organisations can construct a more secure and robust digital infrastructure by breaking down silos across organisations and industries and sharing information.”
David stressed the importance of teamwork in cybersecurity, akin to an international team sport requiring countries to cooperate and work together. Global collaboration with partners worldwide was highlighted, as well as, investing in education and training to raise awareness of cybersecurity risks, and developing new technologies to enhance defence against cyber threats.
“We can make the digital world a safer place for everyone if we all work together,” David is confident.
Shamsul appreciates the necessity of trust for effective cybersecurity collaboration, noting that countries lacking trust are less likely to exchange information or cooperate in responding to cyber threats.
Several initiatives are currently underway in ASEAN to strengthen trust and collaboration among member states. Some of these efforts include:
- The ASEAN Cybersecurity Capacity Building Centres in Thailand and Singapore
- The ASEAN Partners Search Information Sharing (APSIS) initiative
- The ASEAN Cybersecurity Cooperation Strategy, which calls for the establishment of an ASEAN Computer Emergency Response Team (CERT)
“These activities are assisting in the development of trust among ASEAN member states as well as the improvement of the region’s cybersecurity posture,” Shamsul explains. “However, more work remains to be done.”
Establishing a shared understanding of cybersecurity threats and risks presents a key challenge for effective collaboration among ASEAN member states. Different countries may have varying levels of awareness and perception of cyber dangers, making it crucial to bridge the knowledge gap and foster common ground for tackling cybersecurity issues.
Furthermore, ensuring the safe and secure sharing of information is paramount to building trust and promoting collaboration in cybersecurity efforts. Governments and organisations need robust and reliable mechanisms to exchange critical data and threat intelligence without compromising sensitive information or exposing vulnerabilities.
Despite the challenges faced in establishing shared understanding and secure information sharing, the progress made in enhancing cybersecurity collaboration among ASEAN member nations is encouraging. By continuing to work together and build trust, these countries have the potential to create a more secure and resilient digital future for the region.
Shamsul underscored the importance of a “tangible platform” for knowledge sharing, highlighting its role in fostering trust among ASEAN member states and ensuring the secure and confidential exchange of information. Having a reliable and accessible platform can serve as a foundation for effective collaboration, enabling countries to share valuable insights, best practices, and threat intelligence in real-time.
The National Trust Framework serves as a valuable resource for ASEAN countries seeking to enhance their cybersecurity posture, offering a comprehensive set of recommendations to safeguard critical infrastructure, personal data, and sensitive information.
By exploring this framework, ASEAN countries can save time and costs while building a strong cybersecurity architecture, avoiding the need to reinvent the wheel as the framework provides a solid foundation for their efforts.
“ASEAN countries, I believe, may collaborate to localise and harmonise the National Trust Framework,” said Shamsul. “It would enhance the regional cybersecurity architecture and would improve effectiveness and readiness of ASEAN countries against cyber threats.”
According to Shariffa, building effective human firewalls requires confidence in the commitment of individuals and organisations to cybersecurity, which involves open and willing information sharing about security procedures, ultimately fostering trust and creating a safer and more robust digital ecosystem for countries.
ASEAN countries are dedicated to enhancing regional cybersecurity through collaboration, acknowledging their diverse capacities and competencies. They are working on a flexible framework to facilitate cooperation at individual countries’ respective paces.
As a result, ASEAN cybersecurity mechanisms were established to:
- be a valuable resource for ASEAN countries. It will provide them with access to information and expertise that they may not have otherwise had.
- help to improve coordination between ASEAN countries. This will make it easier for them to share information and respond to cyber threats.
- assist in raising awareness of cybersecurity risks in the region to protect individuals and businesses from cyber-attacks.
Shariffa emphasised that the implementation of the mechanism will involve designating a unit within each ASEAN country. This agency will be responsible for collaborating with other ASEAN nations, sharing information on cyber threats and incidents, and providing technical support to other countries.
The creation of this mechanism represents a significant advancement in ASEAN’s efforts to improve cybersecurity. ASEAN countries can better protect themselves from cyber-attacks and build a more secure digital environment for all by working together.
“The creation of the ASEAN cybersecurity mechanism is a great step forward. It demonstrates the region’s dedication to enhancing cybersecurity,” Shariffa ends.
ASEAN’s Commitment to Improve Cybersecurity
David explained that ASEAN’s ministers have approved a plan to establish a regional Computer Emergency Response Team (CERT) for the region. The ASEAN CERT will serve as a platform for knowledge sharing and skill-building within the region, complementing the existing national CERTs and working collaboratively to enhance cybersecurity across ASEAN.
The ASEAN CERT will strengthen sharing information about cyber threats and incidents; coordinating CERT capacity building programmes in the region; coming up with and supporting best practices for cybersecurity; and educating people about cybersecurity risks and making them more aware of them.
“The ASEAN CERT is a move in the right direction for the region’s attempts to improve cybersecurity,” said David. “By working together, ASEAN countries can protect themselves better from online threats and make the internet safer for everyone.”
The ASEAN CERT will be a valuable resource for member countries, providing access to knowledge and information that may not have been readily available before. By fostering better collaboration and information sharing among the nations, the ASEAN CERT will enhance their collective ability to address cyber threats effectively and strengthen their cybersecurity posture as a united front.
By providing valuable insights into hacking risks, ASEAN CERT will empower individuals and businesses to better protect themselves from cyber-attacks, contributing to a safer digital environment for all. This initiative showcases the region’s commitment to improving cybersecurity and fostering a collective effort to address cyber threats effectively.
Shamsul shares that the ASEAN CERT will collaborate with both foreign and regional groups to advance ASEAN’s cybersecurity objectives and interests. Currently, there is no official platform for CERTs to communicate with one another, making it vital for ASEAN CERTs to foster collaboration, share knowledge, and exchange best practices.
“This collective effort will strengthen the region’s ability to address cyber threats effectively and establish a more secure digital landscape for all ASEAN member states,” he is confident.
The ASEAN CERT will establish partnerships with businesses and higher education institutions, appreciating the valuable information and expertise they possess to enhance cybersecurity. Collaborating with these sectors ensures access to the latest knowledge and skills, enabling ASEAN CERTs to effectively address emerging cyber threats and trends.
By fostering these alliances, the ASEAN CERT can stay at the forefront of cybersecurity advancements, making the region more resilient and better equipped to safeguard its digital landscape.
Shamsul concurs that the establishment of the ASEAN CERT marks a significant advancement in ASEAN’s efforts to enhance cybersecurity. Through collaboration with international and regional organisations, as well as industry and education sectors, the ASEAN CERT can play a crucial role in creating a safer digital environment for everyone in the region.
By fostering partnerships and sharing knowledge, the ASEAN CERT aims to bolster cybersecurity measures, effectively respond to cyber threats, and promote a more secure digital landscape in the ASEAN community.
Shariffa reiterated support for ASEAN initiatives like ASEAN CERT, highlighting that the Malaysian government is actively engaged in strengthening cybersecurity measures. They are currently working on a new Cybersecurity Bill aimed at granting the National Cyber Security Agency (NACSA) enhanced authority to safeguard the nation’s critical infrastructure from cyberattacks.
The proposed Cybersecurity Bill in Malaysia seeks to enforce robust security measures for critical national information infrastructure (CNII) owners and operators. By mandating appropriate security measures, the bill has the potential to significantly enhance Malaysia’s cybersecurity posture, bolstering the nation’s resilience against cyber threats and safeguarding its vital information assets.
Shariffa explains that the proposed Cybersecurity Bill aims to grant NACSA expanded investigative and response capabilities, while also imposing a requirement for CNII owners and operators to implement robust security measures.
This comprehensive approach would significantly bolster the protection of Malaysia’s critical infrastructure from cyberattacks, thereby reducing the risk of cyber espionage and enhancing the nation’s overall cybersecurity resilience.
Shariffa sees the proposed Cybersecurity Bill as a positive and transformative step that has the potential to make Malaysia a more secure nation in the digital age.
“With its comprehensive measures to strengthen cybersecurity, the bill can significantly enhance Malaysia’s resilience against cyber threats and safeguard the nation’s critical infrastructure and digital ecosystem,” she believes.
The CYDES 2023 event showcased the determination of ASEAN nations to address cybersecurity challenges and advance in this critical domain. With a focus on cooperation, a wealth of cybersecurity expertise and initiatives like the ASEAN CERT, the region is taking substantial steps towards enhancing its cybersecurity posture.
By continuing to invest in cybersecurity measures, fostering collaboration among member states, and leveraging their unique assets, ASEAN countries are well-positioned to create a safer and more secure digital environment for their residents and businesses in the ever-evolving digital age. Together, they can forge a path towards a more resilient and protected ASEAN region in the face of emerging cyber threats.
Two countries with long histories and similar ideals, Singapore and the UK, are starting a new phase of cooperation that will significantly alter the digital environment. Their recent announcement of a Strategic Partnership demonstrates their shared commitment to innovation, prosperity, and peace in the Asia-Pacific area.
Economic cooperation is the cornerstone of international relations; hence, Singapore and the UK are dedicated to strengthening their economic connections citing that digital trade and the digital economy are essential to this commitment.
The United Kingdom-Singapore Digital Economy Agreement (UKSDEA) and the United Kingdom-Singapore Free Trade Agreement (UKSFTA) are agreements that aim to foster an atmosphere that encourages digital innovation in addition to lowering tariffs.
A crucial component of the modern digital economy, cross-border data transfers are being explored by Singapore and the UK. To ensure that people and businesses can easily navigate the digital landscape, they also seek to encourage the adoption of interoperable digital technologies. Their goal is to expedite their digital transformation journeys by sharing best practices.
Nowadays, where cyber threats are just as serious as physical ones, the UK-Singapore cooperation understands the need to strengthen its defence and cybersecurity capacities. The strategies used by malevolent actors in the digital sphere also change as technology does.
To defend against new digital threats, the two countries plan to modernise the Five Power Defence Arrangements (FPDA) and increase their defence cooperation. In this endeavour, closer communication on threat assessments and deterrent tactics is essential.
Additionally, both nations’ Ministries of Defence are included in the cooperation, with an emphasis on addressing hybrid threats in the information, digital, and cyber domains. This partnership aims to make the globe a safer, more stable place in addition to defending national interests.
Singapore and the UK are dedicated to promoting sustainability and combating climate change. Their strategic alliance reaches into the field of innovation and technology to promote change in these domains.
Two countries are working to decarbonise economic activity through the United Kingdom-Singapore Green Economy Framework (UKSGEF). This project includes carbon markets, sustainable financing, green transport, and low-carbon energy technology. Further, the creation of a Green Skills Corridor highlights how crucial a skilled labour force is to sustainable sectors.
It is remarkable how well they work together on investments and sustainable infrastructure. Their objective is to improve the energy security and resilience of the area by providing funding for low-carbon energy and energy transition initiatives. This complex project includes upstream project development and creative finance options.
Singapore and the UK are at the forefront of creating solutions to global concerns because they are leaders in research, science, innovation, and technology. They demonstrate their dedication to innovation via their updated Science, Innovation, and Technology Partnership.
This collaboration encompasses important and cutting-edge technologies including engineering biology and artificial intelligence (AI). To ensure the proper and moral application of these revolutionary technologies, both countries aim to work together to create international standards for them.
Their common dedication to cybersecurity is demonstrated by their cooperation on Internet of Things (IoT) security, app security, and cyber skills development. They apply their scientific and technological prowess to confront global issues like pandemics and climate change to improve civilisation.
An essential component of this alliance is also strengthening public-sector collaboration. Both nations hope to gain knowledge and strengthen their respective capacities by hosting yearly Public Service Roundtables at the level of Permanent Secretaries, which will benefit both parties as well as the larger international community.
Also, their dedication to global development and the enhancement of culture and education is demonstrated by their participation in capacity-building initiatives and cultural exchanges with underdeveloped nations.
Coding empowers programmers to create within the digital domain. In today’s interconnected society, software is the foundational framework that can profoundly affect lives, from minor disruptions to potentially life-threatening situations. The methodologies and instruments employed in developing digital projects carry substantial importance. Consequently, it becomes imperative to reassess practices and methodologies in software development.
Like the stringent requirements for constructing physical structures using high-quality materials and optimal designs to ensure safety, the digital realm demands an equally strong commitment to quality and excellence. It’s worth noting that, unlike the physical world, where certifications and building codes play a crucial role in upholding construction integrity, the coding sphere lacks such robust safeguards.
The C and C++ are popular programming languages due to their speed and widespread use. However, their age and vulnerabilities have made them attractive to cybercriminals. Memory-unsafe code, common in these languages, is a significant security risk. The Cybersecurity and Infrastructure Security Agency (CISA) is leading the “Secure by Design” effort to enhance cybersecurity by integrating it into technology product design. Transitioning to memory-safe languages can reduce vulnerabilities and improve security.
Addressing the supply and demand for secure coding skills presents a unique challenge. Addressing the supply and demand for secure coding skills poses a distinctive challenge. Focusing on the demand side, close collaboration with tech companies becomes pivotal in championing the adoption of Secure by Design principles and the commitment to specific standards.
This partnership entails working closely with these companies to establish roadmaps for transitioning their codebases towards memory safety, ultimately reshaping the demand landscape for programmers skilled in security and proficient in memory-safe languages.
On the supply side, the focus is on expanding digital skills across a more diverse population to encourage wider participation in the field. Concurrently, recognising the significance of integrating security concepts into computer science and coding education is crucial.
Efforts are underway to reshape instructional and learning pathways within academic and self-taught coding communities. Notably, participation in the National Cybersecurity Education Colloquium on September 20th is planned, aiming to collaborate with the Cybersecurity Centres of Academic Excellence (CAE) community to integrate Secure by Design principles into CAE requirements.
On this opportunity, coding institutions are encouraged to develop strategies for seamlessly integrating security concepts and memory-safe programming languages into their educational curricula. This proactive approach ensures that future generations of programmers are well-prepared to address the intricate challenges of secure coding with proficiency and confidence.
These institutions should adapt and refine their instructional frameworks in response to the ever-evolving digital technology landscape and the increasing cybersecurity threats. Students can acquire the essential knowledge and skills required to fortify software systems against potential vulnerabilities and threats by infusing security principles into coding education.
To navigate this uncharted territory, it is crucial that developers collectively define and implement coding best practices and principles. This conscious effort will serve as a virtual guardrail, reinforcing the dependability and security of digital solutions. By embarking on this journey to establish digital “building codes,” the reliability and robustness of creations can be ensured, bridging the gap left by the absence of formal regulations in coding.
“We emphasise the significance of this initiative and call upon coding institutions to embrace these changes wholeheartedly. By doing so, we empower the next generation of programmers to navigate the complex terrain of secure coding confidently, ensuring a safer digital future for all,” said Jen Easterly, the director of CISA.
In a heartening display of diplomatic camaraderie, Prime Minister Justin Trudeau of Canada embarked on a historic visit to Singapore, where he engaged in crucial talks with Prime Minister Lee Hsien Loong at the esteemed Istana. This meeting not only reaffirmed the warmth between the two nations but also underscored their shared commitment to global values such as multilateralism, the rule of law, and the vital importance of free trade.
As the two Prime Ministers exchanged pleasantries, their discussions delved deep into the heart of international developments. Their focus was on how nations like Singapore and Canada could collaboratively uphold the rules-based multilateral order, thereby fostering economic growth and prosperity for their people. This shared vision resonated clearly throughout their interaction.
One particularly noteworthy aspect of the dialogue was Prime Minister Lee’s enthusiastic welcome to Canada’s deepening engagement with the Association of Southeast Asian Nations (ASEAN). This engagement has recently been elevated to a Strategic Partnership, marking a significant milestone in ASEAN-Canada relations. The move underscores Canada’s commitment to the region and its desire to forge lasting bonds with ASEAN member states.
The longstanding warmth in the relations between Singapore and Canada has translated into a broad spectrum of bilateral cooperation. This partnership now extends its reach into the realm of cybersecurity with the renewal of the Canada-Singapore Cybersecurity Memorandum of Understanding (MoU). The agreement seeks to enhance collaboration through information exchange, skills development, and capacity-building programmes, reflecting the importance of a secure cyberspace in today’s interconnected world.
One of the key benefits of this agreement is the facilitated exchange of crucial cybersecurity information as the information sharing is paramount in staying ahead of emerging cyber threats. Through the MoU, Canada and Singapore can promptly share threat intelligence, threat indicators, and best practices, enabling them to respond swiftly and effectively to potential cyberattacks.
In addition to information sharing, the MoU supports skill development programmes. This aspect is vital in a rapidly evolving field like cybersecurity. By investing in skill development, both countries ensure that their cybersecurity professionals remain well-equipped and up-to-date with the latest techniques and technologies, thereby bolstering their cyber defenses.
Capacity building is another significant advantage of the MoU. It helps both Canada and Singapore build the necessary capabilities to respond effectively to cyber incidents. This includes having the right tools, processes, and expertise in place to mitigate and recover from cyberattacks promptly.
Beyond the national scope, the MoU has implications for global cybersecurity efforts. By collaborating on cybersecurity matters, both countries strengthen their positions in international cybersecurity discussions and partnerships. This not only benefits Canada and Singapore but also contributes to the broader global effort to combat cyber threats. It underscores the importance of international cooperation in addressing a borderless challenge like cybersecurity.
Also, the MoU serves as a safeguard for critical infrastructure and business interests in both countries. By protecting these vital assets from cyber threats, the agreement helps maintain economic stability and security, which is crucial in an interconnected and digitalised world.
Similarly, the two nations are taking significant steps to strengthen their defense ties by initiating negotiations on a General Security Agreement. This agreement will facilitate deeper defense exchanges and collaborations between Singapore and Canada, fostering a sense of security in the face of global challenges.
In an age marked by rapid technological advancements, both sides are eager to advance cooperation in Science, Technology, and Innovation. This is a testament to their shared belief in the transformative power of innovation in addressing contemporary challenges and driving economic growth.
Collaboration and cooperation in areas like e-governance and cybersecurity are becoming not just desirable but imperative between Department of Information and Communications Technology (DICT) Secretary Ivan John Uy of the Philippines and Estonia’s Prime Minister Kaja Kallas. Their agreement, made on the sidelines of the Tallinn Digital Summit (TDS) 2023, signifies a new chapter in the relationship between their nations.
Secretary Ivan wasted no time in apprising Prime Minister Kallas of the Philippines’ proactive approach to fostering this collaboration. He revealed that the Philippines is already in the process of preparing a Memorandum of Understanding (MoU) on digital cooperation. While the finalisation of this MoU awaits inputs from relevant stakeholders, it holds the promise of being a foundational document that will facilitate future agreements between the two nations.
The significance of this MoU extends beyond mere paperwork. As Secretary Ivan aptly put it, it will serve as a gateway to deeper collaboration across various fields of Information and Communication Technology (ICT). This cooperation isn’t merely about enhancing technological capabilities; it’s about catalysing the Philippine government’s digital transformation and fortifying the nation’s cybersecurity defences. In an age where data and information are among a nation’s most valuable assets, safeguarding them is paramount.
Prime Minister Kallas echoed these sentiments by emphasising Estonia’s commitment to upholding international law in cyberspace. In an era plagued by relentless global cyber threats, such a commitment takes on monumental significance. It’s not just about defending individual nations but protecting the fabric of the interconnected world.
Secretary Ivan, in response, underlined the pivotal role of international law in deterring and mitigating cyberattacks. These sentiments expressed during the meeting reflect a shared recognition of the evolving challenges and responsibilities in the digital age.
The Philippines’ ICT Chief also shared insights into the nation’s intentions regarding artificial intelligence (AI) and other frontier technologies. The country aims to draft policies that not only harness the potential of these technologies but also ensure their responsible and ethical use. To this end, the Philippines is keenly observing the European Commission’s development of similar policies, reflecting a commitment to learning from global best practices.
The significance of this bilateral meeting was further underscored by the historical context. Secretary Ivan made history by leading the Philippine delegation to the TDS, becoming the first DICT Secretary to do so. The delegation, composed of distinguished individuals from various government departments, exemplified the nation’s dedication to fostering international collaboration in the digital realm.
The Tallinn Digital Summit, an annual gathering of world leaders from digital nations, serves as the perfect backdrop for such ground-breaking agreements. This year’s summit focused on promoting open, resilient, and responsive governance worldwide. Estonia, as one of the world’s digital pioneers, consistently earns top rankings in global indices for digital public services, cybersecurity, and internet penetration. It’s a testament to their commitment to harnessing the power of technology for the betterment of society.
The agreement between the Philippines and Estonia in the realms of e-governance and cybersecurity is not just about strengthening ties between the two nations; it’s about fortifying the digital defences of the global community. In an age where technology is both an asset and a potential threat, such collaboration represents a beacon of hope, a shared commitment to harnessing the digital era’s potential for the greater good of all.
The National Cyber and Crypto Agency (BSSN) consistently strives to enhance the cybersecurity capacity of academics and technical cybersecurity training institutions in Indonesia through collaboration. It aligns with the goal of creating an open, secure, stable, and responsible cyberspace, as outlined in the Indonesian National Cybersecurity Strategy established in Presidential Regulation Number 47 of 2023 concerning the National Cybersecurity Strategy and Cyber Crisis Management.
The ongoing collaboration in progress is the Indonesia Academic Forum for Cyber Security, organised as an implementation of cooperation between the United States Agency for International Development (USAID), the Korea International Cooperation Agency (KOICA), the Embassy of the United Kingdom, and the National Cyber and Crypto Agency’sAgency’s Polytechnic for Cybersecurity and Cryptology.
This forum also catalyses the potential to drive collaboration with countries that support and share similar initiatives. Notable attendees included Hinsa Siburian, the Head of BSSN, Jeffery Cohen, the Mission Director of USAID Indonesia, Jeong Yun-Gil, the Country Director of the Korea International Cooperation Agency (KOICA), Samuel Hayes, the Head of Digital Economy at the British Embassy in Jakarta, David Stanley, the Project Director of Digital Asia Accelerator (DAI), Tjahjo Khurniawan, the Director of the National Cyber and Crypto Agency’sAgency’s Polytechnic for Cybersecurity and Cryptology, along with senior officials from BSSN, guest speakers, and forum participants.
During the forum, the Head of BSSN emphasised the importance of proactively addressing cybersecurity threats, emphasising that the gradual, incremental, and continuous improvement of capacity, capabilities, and quality regarding human resources, processes or governance, and cybersecurity technology is a top priority. He underscored that failure to anticipate these threats could jeopardise Indonesia’sIndonesia’s digital economy potential, projected to reach a value of Rp 4.531 trillion by 2030.
Furthermore, he highlighted the pivotal role of human resources, stating that they play the most significant part in successfully implementing cybersecurity measures. However, he acknowledged that human resources are the weakest link in the cybersecurity chain, necessitating ongoing capacity and capability-building efforts.
“In line, the enhancement of capacity for academics and technical cybersecurity training institutions takes precedence. This is essential to produce reliable and professional cybersecurity and cryptography experts,” Hinsa Siburian emphasised.
Meanwhile, Jeong Yun-Gil, the Country Director of KOICA, underscored the significance of engaging renowned experts from Korean universities and international technology companies, noting that their participation added a dynamic dimension to the forum’s discussions.
The spotlight on Korea’s cybersecurity research and development strategy is an exemplary model for countries striving to enhance their cybersecurity resilience. The collaborative exchange of ideas and experiences among experts from diverse backgrounds enriches the discourse, fostering a deeper understanding of cybersecurity’s multifaceted challenges and opportunities. This dynamic dialogue benefits Indonesia and contributes to the global discourse on bolstering cybersecurity capacities and strategies.
In his address, Jeffery Cohen, the Mission Director of USAID Indonesia, articulated the United States Indo-Pacific strategy, reaffirming USAID’s unwavering commitment to supporting and assisting partner countries in confronting cybersecurity intrusions. This strategy underscores the United States’s dedication to fostering a secure digital environment in the Indo-Pacific region.
As a key stakeholder in cybersecurity in Indonesia, BSSN consistently endeavours to convene experts, professionals, and communities under a single roof. The agency’s overarching goal is to facilitate the exchange of insights, the sharing of ideas, and the collaborative forging of pathways toward a more secure digital future.
BSSN recognises the value of creating a collective platform where expertise converges, fostering a robust and collaborative ecosystem that benefits Indonesia and contributes to the broader international cybersecurity landscape. This commitment to cooperation and knowledge exchange is pivotal in addressing the complex and evolving challenges in the digital realm and charting a course toward a safer digital era.