Cyber security skill shortage a key issue in SEA

By : |August 10, 2015 0
Spending is usually focused on the latest ‘hip’ thing security companies tout

SINGAPORE: Educating and acquiring people with the right skills is the need of the hour in South-East Asia, feels Edward Lim, RSA South-East Asia managing director.

Infact the lack of talent is such an issue even RSA customers are facing a challenge in finding and employing people with the appropriate skills to analyse and deal with attacks and threats to enterprises, he told press persons on the sidelines of the RSA Conference Asia Pacific & Japan (RSAC APJ) 2015.

According to the RSA managing director, acquiring new technology is not a big issue in the region. “We are facing the talent issue even when we have increasingly sophisticated threat actors and the increasing need for cybersecurity. This is creating an “interesting dynamic” in the South-East Asian market where enterprises’ security “expenditure has increased with little reduction in disruption,” he remarked.

Enterprises are pouring money into their security measures, but such spending is usually focused on the latest ‘hip’ thing security companies tout and not necessarily on what enterprises may actually need, he argued.

“A lot of customers are rushing to act because of the pressure to act, from regulatory requirements or security incidents,” Lim said.

“[Their security spending] depends on what marketing message the vendor community throws at them … if they say you need more malware detection capabilities, you spend more money on it,” he added.

Lim said he hopes to see more “enlightened” enterprises which look beyond the latest marketing hype.

“Only more enlightened customers will go beyond malware detection capability and say, ‘Yes, I need malware detection but I also need visibility and I also need authentication’,” he said.

“They also know that half the time they get into trouble because they don’t know how to respond,” he added.

Lim said that enterprises should approach security the same way they approach disaster recovery: With structured responses and capabilities, and not by reacting wildly when faced with an attack.

No Comments so fars

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.