Talent wanted: Rise of cybercrimes herald bright future for talents in cybersecurity
KUALA LUMPUR: Finnish cyber security and privacy company F-Secure Corporation sees Malaysia as a favourable destination for talents as the country and its neighbouring countries have an ample pool of existing local talents.
The company has partnered with several institutes of higher learning as well as various government agencies such as Malaysia Digital Economy Corporation (MDEC) to ensure the on-going development of a viable local talent pool.
According to F-Secure Corporation general manager and director Ingvar Froiland, despite the available talents, there is still a massive global talent shortage in the cybersecurity industry that needs to be addressed.
“Sadly, there are those who have turned their talents to work against the industry.
“It’s not necessarily only by choice, but there are some talent in countries with few real opportunities and that forces some hands,” said Froiland.
He said as a career tip, those looking for job prospects in this industry for job prospects can now be assured of fantastic opportunities.
F-Secure started research activities in Malaysia, following the setup of F-Secure Corporation (M) Sdn Bhd more than 10 years ago and Kuala Lumpur is its Asia-Pacific hub.
“Bangsar South houses our second largest engineering team and plays host to almost 200 staff here.
“MDEC and other government agencies have been extremely supportive since back in 2006, and the company saw a strong investment incentive in the country,” he said.
The Asia region to F-Secure is developing and challenges are expected as the region takes the digital route.
F-Secure has looked towards the small and medium size business segment (SMB) in the Asia region as a strong starting point of operations.
“On a global level, our business is about 50-50 between consumer and business but we are increasingly focused on B2B (business-to-business).
The global consumer cybersecurity market is around 5 billion whereas B2B is around 80 billion and growing extremely fast.
“What we are currently investigating is the paradigm shift in the industry.
In the past, we’ve been looking at stopping attackers but now that’s simply not enough. We need to be able to create technologies and capabilities that act like an alarm system,” said Froiland.
Comparing businesses in Asia and Europe, there are not many differences in the approach to cybersecurity, but a more notable difference would be in consumers.
“In this region, most consumers would not pay for software and prefer freeware.
“However, even in this we are seeing realisations from consumers that even if they are not paying in cash, they are paying in the form of their own private data for this free software. They give up their own privacy,” he said.
F-Secure has been firm on customer privacy and absolutely does not sell customer data or compromise on customer privacy.
This is true whether in paid or free versions of their software.
He further pointed out that one distinction in the region is the extensive use of social engineering, for example, Chinese New Year.
Cybercriminals would take the opportunity to send themed messages such as emails and people would open them not knowing it would be a targeted attack.
“In this area, artificial intelligence (AI) has played a massive role and machine learning has been the core of our operations.
“We started this more than ten years ago, and found that attack tools have been polymorphic. This means that the viruses mutate and increasingly, attacks are becoming very unique in nature.
The pace is so rapid that we recognise that we cannot keep up without AI and machine learning,” he added.
In a nutshell, Froiland said the growth of the cybersecurity industry has been on an upscale trend thanks to ‘weaponisation of code’.
From 1994 till around 2014, the Internet world could enjoy online communication and commerce, but with the evolution and increasing uptake of mobile and Internet-of-Things (IoT) devices, cybersecurity is progressively becoming the central point of the digital world.
“Cyberattacks have been growing in volume and complexity. The bad guys are getting smarter and more innovative.
“The planet is digitising at an amazing speed and businesses that have been offline are increasingly moving forward with technology,” he said.
“Cybercriminals have been operating increasingly operating like major businesses,” he added.
“Overall connectivity is increasing and everything is programmable.
“That makes it hackable and that drives demand for cybersecurity services. There is no way anything is unhackable. If something is not yet hacked, it just means that no one has tried seriously yet,” he continued.
Froiland elaborated that there are different interest groups in cyberspace, adding that one of the biggest groups are the cybercriminals who are of course, after money.
Another group would be hacktivists, who are seeking a voice through their actions while a third group would be the extremists, who are similar to hacktivist, but are driven by malicious intent, “they want to destroy and disrupt infrastructure”.
“Fourth, we have the nascent state operators such as countries, which frustratingly are mainly unactionable, but thankfully extremely targeted in nature.
“Each of these interest groups operates differently and have different objectives. In Southeast Asia, cybercriminals are the most active group, but this applies globally, not to just the region.
“99 per cent of activity is by cybercriminals who are after money,” said Froiland.
He also cited Ransomware, which was one of the hottest themes in 2016, whereby cybercriminals does not specifically target consumers or businesses, but floods the world with programmes meant to lock users out of their own files and extort them for money in exchange for freeing those resources.