Cyber security is big business, and its biggest customers are governments. Asia Pacific’s biggest data security conference has just ended in Singapore, with the emphasis very strongly on the business issues of the technology, rather than the technology itself.
The fourth annual Asia Pacific RSA conference was held in Singapore’s cavernous Marina Bay Sands Expo and Convention Centre. There were over 5000 attendees and more than a hundred exhibitors.
RSA, a subsidiary of software and services giant EMC, is one of the world’s largest cyber security companies. Its conferences are major events. CEO Amit Yoran said in his keynote speech that most chief security officers are reevaluating their security strategies over the next 18 months.
“They are doing that because more and more cybersecurity is moving to the boardroom. Executives and boards are asking more questions than ever before. With all the money they have been spending, they want to know the business impact should a breach happen.
“CEOs and boards don’t care what caused the breach. What they do care about is overall impact to the business. We need to unite the details of security with the language of business. The core of this new perspective on cybersecurity is the need to provide better, more comprehensive insights than legacy tools and systems can provide. We call this business-driven security.”
Government News asked Mr Yoran how this change of emphasis was affecting government. “This is just as true in the public sector,” he said. “It’s about having enough data to make the right analysis. Enterprises need to think about their return on investment, and governments about their ability to achieve their objectives.”
Cyber security has become a major focus for the Turnbull government. The recently announced ministry includes for the first time a portfolio, or at least a job title, that uses the phrase. Dan Tehan, member for Malcolm Fraser’s old seat of Wannon and former chair of the Parliamentary Joint Committee on Intelligence and Security, is now Minister Assisting the Prime Minister for Cyber Security.
He is also Minister for Veterans’ Affairs, Minister Assisting the Prime Minister for the Centenary of ANZAC, and Minister for Defence Personnel, a grab-bag of responsibilities that at least indicate that the government is taking cyber security seriously. In April Prime Minister Malcolm Turnbull released the government’s $230 million Cyber Security strategy, and there now exists an Australian Cyber Security Centre to coordinate activity between government and industry.
The strategy will include the new role of Cyber Ambassador, who will “lead Australia’s international engagement in advocating for an open, free and secure internet, based on our values of free speech, privacy and the rule of law.” The Cyber Ambassador, who has not yet been appointed, will work with regional and global partners to combat cybercrime and share threat information.
A willing regional partner will be Singapore, with which Australia has strong defence ties – the island nation’s army and air force do much of their training in Australia. At the RSA conference Home Affairs Minister K Shanmugam announced a National Cybercrime Action Plan, with new legislation to be introduced in 2017.
“The plan is a coordinated effort to fight cybercrime – to take an approach to really deter, detect and disrupt cybercriminal activity and to create a safe and secure online environment in Singapore, as far as possible,” he said.
He outlined four key principles: “First, prevention. Second, a quick, strong response to cybercrime. Third, making sure that the legal framework is robust, and fourth, this cannot be done by us alone. It has got to be done in partnership, so it is a shared responsibility.”
He made special mention of Interpol’s Global Complex for Innovation (IGCI), which is based in Singapore and acts as the organisation’s global hub on cyber crime. He did not mention Australia by name, but made it clear that by shared responsibility he meant relationships with industry and with other governments.
[Graeme Philipson travelled to Singapore as a guest of RSA.]
It is a growing industry, cyber security, and governments seem to need it more than ever.
I agree with Jane, as technology continually evolves it’s more important than ever to ensure businesses feel safe online.