Why the biggest cyber-security risk in the ASEAN-Australia region is ignoring it entirely

This op-ed is part of AASYP’s Digital Dialogues 2021, which is a programme that aims to provide a platform and forum for future leaders from across the region to contribute to the policymaking and diplomacy sphere by engaging in issues relating to Gender and Diversity, Green Recovery, and Emerging Economies.

Most would agree that digitalisation is vital to the development of the ASEAN-Australia region, especially in the wake of the COVID-19 pandemic. Digitalisation provides many incredible development opportunities, such as the growth of small-to-medium size e-commerce enterprises, simplifying and improving accessibility of government processes, as well as offering a platform to upskill and reskill a growing workforce that is transitioning towards the digital space.

At the same time, these opportunities also come with significant risks. This article will explain the cyber-security risks facing the ASEAN-Australia region and illustrate how the most significant risk we face in our development – is ignoring cyber-security entirely.

In 2020, the disruption caused by the COVID-19 pandemic forced the world to conduct the majority of their activities online in an unprecedented manner, including an estimated 40 million people in the ASEAN-Australia region who went online for the first time. With the United Nations previously, though unofficially resolving that internet access is a human right, this is undoubtedly a positive outcome. However, we must also consider the cyber-security dangers of having masses of people with no prior internet experience now suddenly having unlimited access from being online. 

Specifically, online activities require individuals to take an entirely new set of security precautions. For example, when one shops at their local retail store, they may be wary of a thief stealing their wallet and take precautions to prevent this from occurring. However, when shopping online, one must prepare for an entirely different set of security risks, such as phony websites, scam emails claiming to be from the retailer, having one’s online transaction details compromised, and so on. We need to ensure that new internet users are aware of these risks and understand how to protect themselves in the cyberspace. 

In addition, digitalisation poses new cyber-security risks to companies of all types that have online presence, from small businesses to large multinational conglomerates with a massive regional presence. In 2020 alone, more than 80% of businesses in the Asia-Pacific suffered a cyber attack to various degrees. Furthermore, fears around cyber-security are a significant factor in the growth – or lack-there-of – of digitalisation in the region, with 60% of Asia-Pacific businesses saying that they are putting off digitalisations because of fears of cyber-attacks.

Unfortunately, the COVID-19 pandemic has exacerbated these issues. Whilst businesses and persons with limited cyber-security literacy have previously been able to slowly delve into the online world with proper training, COVID-19 has forced many to completely, and often unwillingly, adapt their entire lives or business models to be online in the space within the span of a few short months. Because of this, we face a significant backlog of cyber-security training needed across many sectors of society.

In addressing this problem, a potential solution would be to increase the accessibility of cyber-security training to those who need it the most. This would involve, firstly, identifying the demographic of the 40 million new internet users, and, secondly, by having certified professionals participate and directly engage with the participants to deliver the relevant training in-person. 

As a long term solution, it would be imperative to train the next generation of internet users. This could potentially involve including cyber-security in educational curriculums in ASEAN and Australia, particularly primary and secondary schools. These curriculums could teach the basics of cyber-security measures, such as installing a virus protector and how to tell a scam email from a legitimate one.

Meanwhile for businesses, small-to-medium enterprises may benefit from greater access to free online resources that are specifically tailored to their needs. Whilst large enterprises are still subject to cyber-attacks, they are also more likely to have (or be able to afford) designated technology or cyber-security teams who can assist them in handling their online affairs safely. However, small-to-medium enterprises may require more government assistance. Measures such as a designated online cyber-safety information hub could help ease businesses’ fears with moving online. In addition, these pages could also highlight the benefits of moving online, such as a larger consumer base.

Digitalisation indeed provides many great opportunities for the ASEAN-Australia region. In fact, if it were not for the digitalisation that occurred in the last 20 years prior to COVID-19, we likely would have faced a much worse fate in being unable to rapidly shift to remote working arrangements. However, we must ensure that when we encourage digitalisation across the region, it is done so in an inclusive manner, and in a way that acknowledges the unique security challenges that the online world poses. It is our responsibility to ensure that our lack of cyber-security awareness does not harm the exact people digitalisation is trying to benefit. 

This article was written by Jessie Michelle Storey, edited by Dhini Hardiyanti, and reviewed by the AASYP Publications Team.

Note: The views and opinions expressed in this op-ed are solely those of the writer and in no way represent nor reflect the position of AASYP and members of the AASYP Publications Team. The AASYP Horizons Blog provides a platform for the free expression of opinions and intellectual discourse.

More to explore