Asean countries have been slow to produce comprehensive national cyber security strategies and implement the necessary legal frameworks for security and critical infrastructure protection, according to research.
The BSA’s APAC cyber security study Dashboard found that all markets reviewed have gaps in their cyber security capabilities, and there are opportunities to improve the systems needed to protect against, prevent, mitigate, and respond to cyber attacks. It examined the national cyber security strategies of 10 countries in the Asia-Pacific region, of which four are Asean countries – Singapore, Malaysia, Indonesia and Vietnam.
BSA, an industry trade group that represents several software giants, considers it critical for countries to develop comprehensive national cyber security strategies and sector-specific plans that are practical, flexible, risk-based and respectful of privacy and other civil liberties.
“Implementation of sector-specific responses to cyber security in Asean, and in fact across the Asia-Pacific region is very limited,” said Jared Ragland, director, policy – APAC at BSA.
Simon Piff, associate vice-president, enterprise infrastructure at IDC Asia Pacific, agreed there is a lack of local legislation covering cyber security. “With no really meaningful data management laws in place, and absolutely no disclosure laws in most markets, the need to secure data is not as high on the agenda for most Asean organizations as it perhaps should be,” he said.
But Piff expects this to change soon as organizations that are in some way involved in a security breach may be expected to pay their share of lawsuit costs, which can be hefty. The lawsuit costs faced by Target and Home Depot could amount to $8m to $10m each.
“This means that a local organization that did not patch a web server that then gets used in a hack could potentially be liable,” said Piff. “While the laws may not yet be in place to deliver on this reality, such a reputation in the US or EU markets could severely cripple many local businesses.”
To date, Malaysia and Singapore have established public-private partnership initiatives to take advantage of private-sector experience in preventing, detecting, responding to and mitigating cyber security incidents. In contrast, said Ragland, Indonesia and Vietnam need to do more to leverage the private sector’s cyber security knowledge and best practices.
View the original content and more from this author here: http://ift.tt/1hciMkd
from critical infrastructure alliance http://ift.tt/1MMMyIr
via IFTTT
No comments:
Post a Comment