New cybersecurity centers in India and Pakistan will play an essential role in building a safer digital environment, according to Microsoft regional director, Eric Lam

Last year, India’s Aadhaar biometric identity system suffered a massive security breach, with 135 million records believed to have been leaked – just one example of the way that South Asia’s cybersecurity efforts are failing to keep up with technological advancements.

According to a recent report from EY, fewer than half of Indian organizations have a formal threat intelligence program, and only one in five has fully considered the information security implications of their organization’s current strategy and plans.

Meanwhile Pakistan, which lacks any central authority for dealing with cybersecurity incidents, has been rated only the 23rd most committed country in the world in terms of cybersecurity readiness by the International Telecommunications Union.

“Asia’s emerging economies are among the world’s most vulnerable and exposed to malware, with Bangladesh and Pakistan at the top the global at-risk list.

“Approximately one in four computers running Microsoft real-time security products in these countries reported a malware,” Eric Lam, director of Microsoft Asia’s enterprise cybersecurity group, told The Daily Swig.

“For these emerging markets, besides having more lax regulations and less proficient IT management compared to more IT-mature markets such as Australia, Japan, and Singapore, one of the key elements that can contribute significantly to the high level of malware encounter rates in these economies is the widespread use of malware-infused pirated software.”

But in both India and Pakistan, new cybersecurity centers now under development are aimed at changing all that.

In Pakistan, a new National Centre for Cyber Security was inaugurated earlier this month. Based at the Air University in Islamabad, it incorporates affiliated labs at a dozen other universities around the country and is intended as a hub of innovation and scientific research.

The aim is to develop tools and technology to protect Pakistan’s cyberspace, as well as training up students through a four-year BS Cyber Security program.

“Cybersecurity has gained top priority in the new digital economy and internet of things era,” Pakistan’s development minister Ahsan Iqbal told The Daily Swig.

“Safeguarding critical infrastructure, services, data and protection from cyber-attacks is becoming more and more critical in the new digital economy.”

Meanwhile, the government of Telangana state in India and the Hague Security Delta (HSD) are creating a cybersecurity center in Hyderabad, modelled on HSD’s facility in The Hague.

“Our major emphasis will focus on critical information infrastructure protection, government network, e-governance, education and skill training, security software development, innovation of products ban services, and collaboration in forensic science,” says Zaki Qureshey, founder of E2 Labs and one of the task force members behind the initiative.

The center has the backing of more than two dozen companies, government bodies, and research institutions, and will offer help and expertise to any local organizations with cybersecurity issues.

The move is part of growing cooperation between Southeast Asian countries and the wider security community. A new ASEAN Cybersecurity Cooperation Strategy was adopted in 2017, and nations in the region have also been working with international organizations such as Interpol and the United Nations.

Microsoft, too, has been opening security centers in the region, and Lam says he welcomes the Islamabad and Hyderabad initiatives.

“I believe that these cybersecurity centers – whether their aim is to research cybersecurity technologies, gather intelligence on cybersecurity, design frameworks and policies to help organizations strengthen their security posture – all play an essential role in building a safer digital environment in the market by encouraging a more comprehensive, cross-company and cross-industry approach to cybersecurity,” he says.

“These centers will support, collaborate and enable enterprises and governments to protect citizens, public services, and national infrastructure from cybercrime threats, as well as meet rigorous cybersecurity requirements by building strong capabilities to protect, detect and respond to cyber incidents.”