THE EDGE SINGAPORE - For FireEye’s Asean vice president Tan Yuh Woei, the biggest question for firms is not so much how much a firm spends on cybersecurity but rather, what they spend their money on. He observes that many clients often spend reactively on cybersecurity products when faced with a particular cybersecurity problem, resulting in an incoherent patchwork of multiple cybersecurity solutions that often lack the synergy to form a secure framework. Consequently, many clients complain that they feel no safer even after shelling out the big bucks on the latest and shiniest kit. 

“For cybersecurity, you need to have a plan. If you feel that security is important to you, sit back and think carefully about your existing state of affairs and the future state you want to get to,” says Tan, who encourages clients to exercise greater proactiveness and thought to secure their businesses from cyber threats. 

Such a plan, moreover, cannot merely be delegated to IT departments to deal with on their own, but rather, should also be thought about and planned by business leadership as well. Ultimately, it is management that has to face the media should a cyber attack disrupt firm operations, warns Tan. 

“As we plan our cybersecurity budgets for the next five years, we’ll need to broadly move towards behaviour-based cybersecurity systems that can better anticipate data loss incidents before they occur,” agrees security marketer Angelica Torres-Corral. Instead of only mitigating the damage after such events occur, these solutions will be better at preventing them from happening in the first place without blowing a hole in the company budget, she writes on the website of cybersecurity company Forcepoint, where she works. 

Unfortunately, while there is an increasing awareness about cybersecurity among business leadership in larger local firms, FireEye’s Tan notices a worrying lack of knowledge about important cyber issues pertinent to their businesses. 

Thus, FireEye regularly conducts board briefings for C-suite executives to educate them about these issues, educating them to ask the right questions so as to better consider and execute cybersecurity strategy. Leaders must consider if their firms are at risk of being targeted due to the value of their cyber assets, question if their systems have already been breached and consider if they are prepared to respond to a breach. 

“Putting cybersecurity at the heart of business strategy will help the financial services sector maintain and even enhance the trust of consumers, regulators and the media. For a start, the C-suite can no longer assume that cybersecurity is solely the responsibility of the information security (IS) or information technology (IT) departments. Instead, financial services companies must make cybersecurity a core part of business strategy and culture,” says EY in a report, which encourages firms to make cybersecurity a “part of everyone’s jobs” and develop intelligence and agility to identify and respond to cyber threats. 

It is this focus on strategy and a “whole company” approach to cybersecurity that Tan feels makes FireEye unique within the cybersecurity industry. The firm, he says, provides not only cybersecurity consulting to clients to help them develop their cybersecurity plans, but also threat intelligence and the software necessary for these plans to be carried out. “Fighting a cyberwar is like fighting a real war. You need soldiers, equipment and intelligence,” says Tan, whose Nasdaq-listed firm is positioning itself as a market leader in multiple practice areas like advanced malware sandbox and incident response. 

“The more I studied the problem [of cybersecurity], the more I was convinced this would be a defining problem in the 21st century,” FireEye’s founder Ashar Aziz once said — a vision that eventually turned the firm into the established, multinational cybersecurity expert known across the world today. With digital transformation faster than ever before, FireEye stands poised to resolve the great challenge foreseen by its founder that has now become a reality. 

 

Diamonds in the rough

With the rising demand for cybersecurity solutions as the world moves towards a digital economy, intrepid entrepreneurs are increasingly looking to tap into the cybersecurity wave. Companies like Lee Heng Yu’s Polaris Infosec have tapped on the creativity of their founders to develop never-seen-before cybersecurity solutions to add richness and choice to the cybersecurity market. The new entrants may provide lower-cost options for smaller firms as they seek to make a name for themselves in the market. 

Polaris Infosec prides itself on providing advanced threat intelligence services to clients in order to develop advanced awareness of future cyberthreats plaguing its clients. Offense is the best defence, Lee tells The Edge Singapore, and the young firm proactively searches for advanced intelligence for imminent or potential attacks that could threaten web security — their main practice area. This niche approach makes the firm well-placed to deal with unorthodox attacks, as it gives their experts a headstart in developing countermeasures. 

The US Director of National Intelligence’s Intelligence Advanced Research Projects Activity organisation probably best encapsulates Polaris’s approach. “Detection typically occurs in the later phases of an attack, and analysis often occurs post-mortem to investigate and discover indicators from earlier phases. Observations of earlier attack phases, such as target reconnaissance, planning, and delivery, may enable warning of significant cyber events prior to their most damaging phases,” it notes. 

Perhaps one of the most poignant ideas for Lee is Donald Rumsfeld’s concept of “unknown unknowns” — clients can often find themselves unaware of lurking cyberthreats until long after an incident of attack. “Cybersecurity is a space where a lot of people are not aware of what they are not aware of, and people don’t know how to seek help when they don’t know the threats facing them,” he says. State-sponsored actors tend to be the biggest source of these “emerging threats”, since they are more determined and targeted in their moves vis-a-vis private attackers who are typically more opportunistic, using tried and tested tactics on poorly-defended targets. 

For Lee, start-ups are important to the cybersecurity industry since they push the boundaries of what it constitutes. Polaris takes inspiration from Israeli cybersecurity start-ups and transport practices developed in the tough Middle East security landscape and adapts them for domestic markets. It provides both web security solutions and cyber threat consulting to educate businesses about potential risks. A diverse cybersecurity market with small firms co-existing with large firms creates a more secure landscape, says Lee, because it ensures the existence of many available solutions that can deal with the ever-changing threats of bad actors. 

Covid-19 could therefore prove to be adverse for the cybersecurity landscape, since smaller firms with innovative solutions may find it more difficult to survive cash flow pressures and reduced funding, resulting in a period of market consolidation. 

Fortunately, though, Polaris has had no shortage of funding. It is a member of Block71 (ICE71), a cybersecurity incubator launched by Singtel Innov8 — a joint initiative by Singtel and National University of Singapore. As an Asian firm, it also is looking to take advantage of growing venture capital interest in Asian cybersecurity start-ups. 

And Polaris is not alone — fellow start-ups have managed to draw in the big bucks despite Covid-19 disruption. In March, Singapore-based cybersecurity start-up Right-Hand secured US$1 million ($1.4 million) in seed funding from local early-stage VC fund Atlas Ventures alongside government-backed SGInnovate, as well as Entrepreneur First. More staggeringly, fellow locally-based start-up Horangi raised US$20 million in a Series B funding round led by Provident Growth, a Southeast Asian private equity firm. 

“Southeast Asia is one of the fastest-growing economies and digitising rapidly, but due to the shortage of security expertise in the region, organisations are increasingly turning to security experts,” says Horangi CEO and co-founder Paul Hadjy. George Do, chief information security officer of ride-hailing firm Gojek (also funded by Provident), also remarks that a holistic cybersecurity strategy and security-first approach is required from regional firms to deal with the challenges faced by Southeast Asia in the age of digitalisation. 

The pandemic may yet prove to be a source of business for the young firms. With companies increasingly realising the gaps in their cybersecurity frameworks, Lee predicts more consulting and staff training work for Polaris in the near future. With digitalisation becoming an ever more important part of the future workplace, the rapid expansion of the cybersecurity industry shows no signs of slowing down. 

 

Read also: