Report: Asean not spending enough on cybersecurity


Source: Free Malaysia Today

PETALING JAYA: Although awareness of digital attacks is high, Asean countries including Malaysia are not spending enough on cybersecurity, a global consulting firm says.

In a report released on Tuesday, AT Kearney said in 2017, Asean countries collectively spent only 0.06% of their GDP, or US$1.9 billion (RM7.4 billion), on cybersecurity.

This was in contrast to the global average of 0.13%.

AT Kearney’s head of communications, media and technology for Asia Pacific, Nikolai Dobberstein, told CNBC that Asean should, at the very least, come close to the global average.

The report meanwhile recommended that Asean increase its spending on cybersecurity by 0.35% to 0.61% of its collective GDP (US$171 billion) between 2017 and 2025.

The issue of cybersecurity has been in the limelight following reports of massive data breaches identified over the past few months.

Last October, technology news site said the data of 46.2 million mobile phone users, including postpaid and prepaid numbers, customer details, addresses and SIM card information, had been leaked online.

The data also contained personal data from some medical associations and a jobs portal.

Cybersecurity experts said the breach was extensive enough to allow criminals to create fraudulent identities to make online purchases.

On Tuesday, meanwhile, Lowyat said files containing details of 220,000 pledged organ donors were leaked online as early as September 2016.

Leaked data included the donor’s name, identification card number, race, nationality, address and phone numbers. It also contained details of each organ donor’s nominated next of kin, taking the total number of data leak victims to 440,000.

In its report, AT Kearney warned that Asean’s failure to increase its spending on cybersecurity could end up costing the top 1,000 companies in Southeast Asia some US$750 billion in market capitalisation.

It said countries like Malaysia, Indonesia and Vietnam, in particular, had become hotspots for “suspicious web activities”.

This meant that hackers were using valuable, unsecured infrastructure in those countries to launch cyberattacks, it added.

Although awareness of such challenges in the region appeared high, a cybersecurity expert told CNBC it was important to note where governments were investing.

“Are they solving the right problems? Are they investing in the right technology? Are they forming the right partnerships?

“These are the more important questions to ask,” managing director and vice-president for Asia Pacific at cybersecurity company Trend Micro, Dhanya Thakkar, was quoted as saying.