Singapore bids to snuff out APT fire as threats spell double trouble for APAC

Last week APT and anti-malware firm FireEye announced the creation of a new Cyber Security Centre of Excellence (CoE) in partnership with the Singaporean government. It didn’t make many headlines outside of the city state but I think it’s worth a second look for a few reasons.

First up, FireEye is pledging 100 trained security professionals to this new regional hub, to provide intelligence to help the local government protect its citizens and infrastructure from attack as well as benefitting the vendor’s customers across APAC.

FireEye is one of the few infosec companies I’ve spoken to in this part of the world that is prepared to talk at length about the specific problems facing organisations in the region. More often than not when I try to go down this avenue with a vendor I’ll be told about how threats are global these days and attacks follow similar patterns no matter where you are on the planet.

While I know this is true to an extent, it was nevertheless refreshing to hear FireEye’s APAC CTO Bryce Boland tell me that the reason for building a team in Singapore was to have the necessary local language and cultural skills to deal with specific regional threats.

“We have a lot of countries here, many of which have tense relationships, so we see a lot of that boil over into cyber space,” he told me.

As well as the various hacktivist skirmishes that periodically hit the region, such as those between the Philippines and Indonesia or China and Japan, there are also more serious IP-stealing raids which stems from the fact that APAC represents more than 45 per cent of the world’s patents, Boland added.

As a result, regional organisations face almost twice as many advanced attacks as the global average.

Another reason the news of FireEye’s new CoE warrants attention is what it says about the approach to cyber security by the respective governments of Singapore and Hong Kong.

Although Hong Kong threw HK$9 million (£730,000) at a new Cyber Security Centre in 2012, my impression is that Singapore is more proactive all round when it comes to defending its virtual borders.

It was a view shared by Boland, who pointed to Singapore’s ability to attract and support infosec players looking to build regional headquarters there, as well as its efforts to attract globally renowned speakers to an annual security expo.

In my experience, what few events there are in Hong Kong are poorly attended, attract few speakers from outside the SAR, and rarely provide the audience with anything like compelling or useful content.