THE classic approach in securing the network is no longer valid, and organizations need to take a layered approach on this important matter to protect their data and information.
Cherif Djerboua, regional head of Asia and the Middle East of Trend Micro, sounded this alarm, saying this doesn’t involve securing the perimeter and everyone’s endpoint. “We really need to consider a completely different approach. We need to have partnerships between governments and security companies, which is what we’re doing at Trend Micro in terms of training and knowledge sharing,” Djerboua told BusinessMirror in a recent interview.
For each layer, he said organizations have to introduce the right rules and techniques in the overall scheme. Moreover, he added that organizations, whether public or private, should adopt a proactive stance in securing the network. “It’s quite wrong that you have a sense of urgency only when you’re attacked,” he said.
Cybercrime is growing in frequency and sophistication, and the availability of sufficiently skilled industry professionals is falling behind. In fact, according to Isaca, a nonprofit information-security advocacy group, there will be a 2 million global shortage of cybersecurity experts by 2019.
In the opening keynote of the recent Decode conference, Djerboua illustrated the extent of cyberthreats globally.
In the first half of 2017, the biggest security threats involved malware infections due to insecure systems, particularly those with unpatched vulnerabilities. The period also saw malicious and fake applications take advantage of popular titles to trick users; hacking toolkits used in various cybercriminal infection campaigns; and online-banking malware targeting user credentials.
“Hackers are learning about us as individuals, our corporations and governments; and they are adopting and changing their tactics and leveraging different techniques,” Djerboua noted.
In terms of developing the manpower, Djerboua pointed out it will be awareness and training that are going to be the most important. As far as the security professionals are concerned, Djerboua stressed there’s going to be a dearth of experts around the world who can secure networks whether in the public or private sector. “The lack of security experts is definitely going to be a challenge for everyone. We need to complement in terms of readiness the training of these professionals and in terms of what we’re doing,” he said.
“As they face technological innovations, market forces and the constantly evolving threat landscape, information technology and cybersecurity professionals must be equipped to transform the perceived weakest links in their organizations into their strongest codefenders.”
For its part, he said Trend Micro is doing its share by working with different universities in the Philippines and other pars of the world by training engineering students in cybersecurity, not only to provide quick response but also ensure comprehensive coverage for each of the region.
He said the company also offers technologies that secure organizations from the start to the endpoint, regardless if they’re dealing with desktops, the mobile world, or the Internet of Things (IoT).
Regarding IoT, Djerboua said Trend Micro sees a lot of challenges given that many IoT devices were not designed to have strong security features. “If we change the mentality and basically the design of the devices from the ground up, we will have lesser concerns,” he added.
In the light of the recent hacking incident experienced by a major transport network vehicle service provider, he warned that rewarding hackers is never a solution to the security problem.
“It will just got worse. The biggest motivator depends upon the origin of the hacker. For instance, Trend Micro found in their study that money wasn’t the main motivation of hackers in the Middle East,” he said. For a major cybersecurity company like Trend Micro, Djerboua said it has to understand the underground world and the kinds of threats it unleashes. Studies done by the company are available to users and nonusers of Trend Micro so they can have a better understanding of the threats.
He stressed that collaboration is an important component of tackling the challenges of cybersecurity. Trend Micro shows its leadership by cooperating and working with governments and competitors to ensure that customers, end-users and citizens at large will be protected.