Cybersecurity in a borderless, globalised world
By BeyondTrust
Digital interactions today happen across devices, organisations and even borders. In such an environment, how can organisations come together to defend the cyber world? Cybersecurity experts from the Southeast Asia Cybersecurity Consortium discuss.
 - NEW (24)-1692005070052.jpg)
With cyber threats spanning borders, cybersecurity experts from the Southeast Asia Cybersecurity Consortium emphasise the need for stringent privilege access and identity controls. Image: Canva
It is inevitable that every company that wishes to remain relevant today needs to be a part of the digital economy.
So said Johnny Kho, President of the Association of Information Security Professionals (AiSP), who was speaking at a fireside chat organised by cybersecurity provider BeyondTrust, titled “Defending the Digital Borders”, alongside other leaders from the Southeast Asia Cybersecurity Consortium (SEACC).
Didi Nurcahya, Member of APTIKNAS (Association of Information and Communication Technology Entrepreneurs) and Partner at Indonesian cybersecurity firm Dtechcorp, chimed in: “Enterprises are boundary-less today with anytime, anywhere, any-device access for both employees and customers becoming a mandate.”
And this digital transformation calls for organisations to adapt their approaches in securing their critical assets, systems and people.
For a long time, organisations have sought to create a strong buffer between privately or locally managed networks and the internet, according to Mel Migriño, President of the Women in Security Alliance Philippines and Executive Committee Member of the ASEAN CIO Association.
This is particularly true for organisations in highly regulated sectors such as banking. These organisations rely on limiting external, unauthorised access to internal servers and carefully monitoring inbound and outbound requests to defend against data breaches, Migriño explained.
But recent developments such as the advent of the Internet of Things (IoT) and the Industrial Internet of Things (IIoT), alongside the proliferation of technologies enabling more dispersed and mobile workforces such as teleconferencing, are forcing companies to adapt to the growing interconnection of assets, devices and users, she said.
The question then arises: how can organisations bolster their cybersecurity posture as opportunities for malicious activity rapidly expand?
Importance of privilege access and identity controls
Over-privilege is one of the biggest issues in cybersecurity today, as employees within organisations often have unfettered access across various applications and platforms, observed Ben Wong, Director, Channel & Alliances, APJ, at cybersecurity provider BeyondTrust. In fact, a survey of Singapore IT leaders by BeyondTrust late last year found that 54 per cent believe that employees in their organisations have excessive privileges, beyond what is required to do their jobs.
Traditionally, passwords and multi-factor authentication are used to control access, Kho shared. But the problem arises when there are a growing number of assets that are not properly controlled or validated against policy.
This is why Nurcahya recommends shifting from passwords and multi-factor authentication to identity-based security. Identity, as he defined in the session, refers to that of the users who require access to various digital assets.
Oftentimes, threat actors that manage to infiltrate an organisation’s network through a user’s identity find themselves with broad access to move laterally across the digital environment, as credentials and privileges of users have not been properly secured, Wong explained.
“From a best practices standpoint, we have to start looking at how we use privileges to make sure that things like that do not happen and are better managed in any organisation,” he said.
This is a trend that is already occurring. Wong pointed out how Australia, for instance, has implemented the Essential Eight framework, which requires government entities as well as organisations that wish to work with the government to meet a set of technological requirements. These requirements include needing to restrict admin privileges granted to users, multi-factor authentication and application control.
Besides privilege access management, Migriño also highlighted the importance of cybersecurity education being a top priority, especially for privileged or high-risk users.
“That means that when we consult our clients, we educate them to make sure that identity security includes authenticating every identity accurately, and then authorising each identity with proper permissions,” Nurcahya added. Upon the authorisation of each identity, organisations then need to ensure that access is provided in a structured manner that can be audited and accounted for, he said.
The need for collaboration
The countries in Southeast Asia have always collaborated with one another, whether it is through government, businesses, or even associations, said Kho. But such interactions have usually been on a one-to-one basis.
This, he explained, is why the creation of SEACC was so vital - to help strengthen cybersecurity for the region as a whole.
“The beauty around it is … that there is [now] a facility for information sharing,” said Migriño about the consortium. It gives each member country the opportunity to impart best practices that have been successful, she explained.
“Along the way, there must be slightly different perspectives … but altogether, we must unite and consider that the real enemy is actually the threat actor that compromises organisations or even our countries in the Southeast Asia region,” Nurcahya said.