The B2B team sits down with Dr. Astrid S. Tuminez, Microsoft’s regional director for legal and corporate affairs in Southeast Asia, to discuss e-commerce, cybersecurity, piracy and other hot topics in the ICT sector.
Tuminez joined Microsoft in October 2012 as the Regional Director of Legal and Corporate Affairs (LCA) in Southeast Asia (SEA). She is also an Adjunct Professor, the former Vice-Dean (Research) and Assistant Dean (Executive Education) of the Lee Kuan Yew School of Public Policy.
B2B: What are some of the megatrends today in the ICT industry?
Tuminez: The megatrends today are mobile, social, big data and cloud. People, devices and intelligence are all mobile, powered by innovative apps running on the cloud. We have also become more social, sharing with friends and others many parts of our lives and activities.
As a result, we see around us a data revolution – in fact, we are drowning in data! How do we harness all this data? With the massive power of cloud computing, we can analyze large amounts of data that businesses collect and store. In fact, 90 percent of business leaders cite data as one of their key resources and fundamental differentiator. Today, the ability to process big data can transform observations into insights, and insights into answers, thereby enabling businesses and other organizations to become more productive, competitive, and effective in serving their clients.
Our CEO, Satya Nadella, has rightly underlined that we live in a mobile-first, cloud-first world. It is the age of a new industrial revolution, powered by ICT. The core principle that informs our products and services is TRUST. People will only use technologies they trust, and the promise of productivity, empowerment, global platforms and so on can become reality only if people trust the applications, devices and cloud services that power their personal and professional lives. We want to deliver the best experience to our customers and partners, alongside a deep commitment to cybersecurity, privacy, compliance and transparency.
B2B: What security risks do this bring, and how can developing countries like Cambodia protect themselves?
Tuminez: We live in the age of mobile, social, big data and cloud. We are more connected than ever before. It is a very exciting time, but one fraught with peril. The biggest risk is cybercrime, which is a $450 billion industry. In the old days, cybercrime was random and infrequent. Today, it is in the realm of organized crime, happening at great speed, yielding big profits, and exempts no one. Individuals, corporations, and governments have all suffered hacking. Personal privacy has been breached, and sectors like financial services have been targeted. Recently, newspaper headlines declared that only a typo prevented $1 billion from being stolen from the Bangladesh Central Bank (the cybercriminals got away with $81 million before they were caught).
Cybercrime destroys trust, and limits the ability of people to harness the positive power of ICT. A key facilitator of cybercrime is malware, which facilitates the work of cybercriminals. Numerous studies have confirmed the correlation between the use of unauthorized or pirated software, on one hand, and malware infections, on the other. In 2014, the National University of Singapore and market research firm International Data Corporation (IDC) estimated that consumers in Asia Pacific would spend about US$10.8 billion (more than 40 percent of world total) to identify, repair and recover data, and deal with identity theft facilitated by malware that comes with pirated software. The study also projected that infected pirated software and lost data would cost enterprises in the region around $229 billion (more than 45 percent of world total). Cambodia is known to have a 95+ percent piracy rate. This implies that a malware-rich ICT ecosystem is probably costing Cambodia much more than the “savings” from using pirated software. In addition, the country’s ICT ecosystem has embedded vulnerabilities that could make it an attractive target for cybercriminals.
Microsoft makes huge investments in the global fight against cybercrime. We run a state-of-the-art Cybercrime Center in Redmond, Washington, and have launched a similar satellite center in Singapore and South Korea. We are educating people, governments, banks and corporations on good cyber-hygiene and ways to prevent, detect, and protect against cybercrime. We have also developed apps to protect vulnerable populations, including the elderly, who are often targets of fraud, and children, who may be targets of child pornographers. We believe in building a safe digital world for consumers, governments and businesses.
In Cambodia, we have partnered with the Ministry of Commerce and the US Embassy on education seminars to raise cybersecurity awareness. It is critical for the government of Cambodia, like other governments, to clamp down on piracy and ensure clean IT supply chains for Cambodian citizens. Otherwise, the country can suffer from huge cybercrime vulnerabilities. The government should also consider establishing a Cyber Defense Strategy because cybercrime is borderless and, as the economy grows, Cambodia will become a richer target for cybercriminals. Finally, private and public enterprises should seriously look at cloud computing as a pillar of secure operations and productivity. Whether you need an ICT infrastructure, platform, or software, it is safe to say that almost nothing matches the 24/7 security provided by cloud service providers.
B2B: Could you share some highlights from the recent global study your organization made with the National University of Singapore and their repercussion to business and information security?
Tuminez: The study, entitled “The Link Between Pirated Software and Cybersecurity Breaches,” surveyed 1,700 (807 from Asia Pacific) consumers, IT workers, chief information officers, and government officials in Brazil, China, France, Germany, the United Kingdom, and the United States, and analyzed 203 brand new computers acquired in Brazil, China, India, Indonesia, Mexico, Russia, South Korea, Thailand, Turkey, Ukraine, and the United States.
In the survey, 65 percent of Asia Pacific consumers say their greatest fear from infected software is the loss of data, files or personal information, followed by unauthorized Internet transactions (48 percent) and potential identity theft (47 percent). However, 41 percent of those same respondents do not install security updates, leaving their computers open to attack by cybercriminals.India, Indonesia, Japan, Mexico, Poland, Russia, Singapore, Ukraine, the United
In the survey, government officials express concern about the potential impact of cybersecurity threats to their nations. Asia Pacific governments worry most about unauthorized access to confidential government information (57 percent), the impact of cyberattacks on critical infrastructure (56 percent), and the loss of business trade secrets or competitive information (55 percent). Governments worldwide could lose more than $50 billion to deal with the costs associated with malware. The world’s highest enterprise losses will come from Asia Pacific ($138 billion), where organized cybercrime are likely to claim many victims.
In Asia Pacific, 32 percent of pirated software in enterprises is installed by employees, often unknowingly. 29 percent of enterprise respondents in the region reported security breaches causing network, computer, or website outages every few months or more; 66 percent percent of those outages involved malware on end-user computers. Infection rates are higher in emerging markets, where more consumers and enterprises acquire software and PCs from suspect sources – small specialty shops, street markets, consultants, and others. China and Thailand have the highest rate of PC infections and infections of software bundled with PCs.
Only 40 percent of all PCs are used in Asia Pacific, but IDC estimates that the region will account for 47 percent of the world’s pirated software in 2014. Despite lower labor costs to deal with pirated software, the region’s higher rate of infection and higher number of pirated software units lead to extensive recovery costs.
Forensic analysis conducted by NUS of 203 new PCs loaded with pirated software found that a staggering 61 percent of the PCs were pre-infected with malware, including Trojans, worms, viruses, hacktools, rootkits and adware. These PCs, purchased through resellers and PC shops in 11 markets, included more than 100 discrete threats.
B2B: In your work with governments, what have you found useful in terms of developing information technology, including e-commerce, and ensuring a secure, cost-effective and robust platform to conduct trade?
Tuminez: Public-private partnership would be key. Information technology advances very rapidly, and governments can tap on the private sector’s expertise and experiences in understanding worldwide trends, anticipated challenges and best practices in order to make policies that would be conducive to trade and FDI. Security, privacy, transparency, and compliance should all be developed as core pillars of e-commerce, especially as powered by cloud computing.