In today’s globalised business world, what happens in Shenzhen or Singapore may be just as important as trends closer to home. To that end, I recently offered IDG Connect the following round-up of the past year in APAC, and a few notes on what we can expect from the months ahead. As Apple’s dire performance in China has shown, Asia increasingly matters to Western tech firms, their customers, shareholders and partners:
Asia’s technology market had more global exposure in 2018 than in many recent years. There’s just one problem: most of it was negative. President Trump has begun a de facto trade war with China which has now morphed into a full-fledged stand-off on several fronts, with cyber-espionage and perceived unfair Chinese trading practices at the heart of US grievances. As we head into 2019 expect tensions to increase, with other south-east Asian nations potentially benefitting as US firms pull their supply chain operations from the Middle Kingdom.
It could be an extremely nervy time for Silicon Valley CEOs.
The trade war continues
The tit-for-tat trade war started in 2018 might have so far steered largely clear of tech goods, although some firms have begun to warn of an impact on profits. But the industry has certainly been at the heart of the stand-off between the world’s superpowers. In January a deal between Huawei and AT&T to sell the former’s smartphones in the US collapsed after pressure from lawmakers worried about unspecified security concerns. Then came a seven-year ban on US firms selling to ZTE — the result of the Chinese telco breaking sanctions by selling to Iran, and then lying to cover its tracks. Although part of the ban was subsequently lifted temporarily, it highlighted to many in the Chinese government what president Xi Jinping had been saying for some time: the country needs to become self-sufficient in technology. It was reinforced when Huawei became the subject of a similar investigation.
This is about America, and Trump in particular, fighting back against what it sees as years of unfair trading practices by China. The argument goes that the Asian giant has been engaged in cyber-espionage on an epic scale to catch up technologically with the West, and unfairly forces IP transfers on foreign firms as the price for access to its huge domestic market. Thus, the coming year will see a ratcheting up of tensions. China on the one side will look to increase its espionage in areas like mobile phone processors to accelerate plans to become self-sufficient. And the US will continue to find ways to crack down on Chinese firms looking to access its market — probably citing national security concerns. There are even reports that the US has considered a total ban on Chinese students coming to the country over espionage concerns.
“Technology CEOs the world over with supply chain dependencies in China — so probably all of them — should be increasingly nervous and focused on their firms’ efforts to have viable contingency plans for a US-China technology cold war,” wrote China-watcher Bill Bishop in his Sinocism newsletter. That could spell good news for other ASEAN nations like Vietnam, where Samsung has made a major investment in facilities — although few countries in the region boast the infrastructure links and volume of skilled workers China does.
Cybersecurity takes centre stage
As mentioned, cybersecurity and online threats are at the heart of the Sino-US stand-off. The stakes got even higher after a blockbuster report from Bloomberg Businessweek which claimed Chinese intelligence officers had implanted spy chips on motherboards heading for a US server maker. Although the claims have been denied by Apple, Amazon and the server maker in question, Supermicro, they will confirm what many have feared about supply chain risk for a long time and accelerate efforts in 2019 to move facilities out of China. Further fanning the flames is a US indictment alleging Chinese spies worked with insiders including the head of IT security at a French aerospace company’s China plant to steal IP.
In a move likely to enrage China, the US also recently arrested and charged a Ministry of State Security (MSS) operative with conspiracy to steal aviation trade secrets. A major backlash is likely to come from Beijing. But more could also come from Washington after a combative congressional report from the US-China Economic and Security Review Commission called for a clampdown on supply chain risk and warned of China’s efforts to dominate 5G infrastructure and IoT production.
Aside from state-sponsored attackers, there’s a growing threat from Chinese cyber-criminals, according to one security vendor. Western firms suffer millions of attacks per year from financially motivated Chinese hackers, according to IntSights. Expect that to increase in the future as the state encourages criminals to focus their efforts outside the country, or even to team up with hacking groups at arm’s length. Also expect the country’s Cybersecurity Law to have a growing impact on how Western firms do business there. Ostensibly meant to vet such firms for interference by the NSA and CIA, the law could also serve as a pretext for Chinese officials to access sensitive IP and source code belonging to Western firms operating in China.
For other countries in the region, improving cybersecurity is vital to their efforts to attract more foreign IT investment and nurture start-up friendly environments. Although there are pockets of good practice, APAC is thought to be among the least mature regions worldwide. AT Kearney has called on ASEAN nations to increase cybersecurity spending to around $170 billion, warning that they are in danger of losing $750 billion in market capitalisation otherwise.
The threat from Chinese spies and local hackers is compounded by the growing danger posed by North Korea. Its state-sponsored hackers are acting with increasing impunity. FireEye recently identified a new group, APT38, which was responsible for the attacks on Bangladesh Bank and other financially motivated raids. Expect more attacks aimed at raising funds for the regime, as well as destructive campaigns and politically motivated information theft.
Taking a lead
On a more positive note, APAC is increasingly seen as a leader in emerging digital technologies: led by the two regional giants of India and China but also mature nations like Singapore, Taiwan, Hong Kong and South Korea. Microsoft believes that digital transformation will inject over $1 trillion to APAC GDP by 2021, with artificial intelligence (AI) a key catalyst for growth.
AI continues to be major focus for the region. Singapore is a leader in AI thanks to heavy government investment in schemes such as AI Singapore (AISG) and its AI Speech Lab, while government-owned investment company SGInnovate has recently unveiled its Deep Tech Nexus strategy. India is also is also poised to become “one of the most active centres of expertise in AI” according to experts, thanks to government backing.
Asia is leading the way on smart city projects. Investment in initiatives was set to reach $28.3 billion in 2018 in APAC (ex Japan), and is forecast to reach $45.3 billion in 2021 — partly out of necessity. The region’s cities are forecast to add another one billion citizens by 2040, which will require up to 65% of the UN’s Sustainable Development Goal targets to be met.
India’s Modi government has led the way with an ambitious plan to transform 100 cities, although 2019 will be a crucial year, given that recent reports claim 72% of these projects are still only at the planning stage. Many more examples are springing up all over the ASEAN region, however, from flood awareness programmes in Danang to a free public Wi-Fi and CCTV camera network in Phuket. IDC celebrates some of the best examples each year, showing the breadth of innovation in the region.
However, governments will need to do better in 2019 to tackle major barriers to digital transformation identified by the UN. These include excessively top-down approaches; security, privacy, and accountability problems; and digital exclusion. It claimed just 43% of APAC residents were internet users in 2016. There’s plenty of work for governments and the private sector to do next year.
The start of a new year is as good a time as any to begin thinking seriously about a possible career move. Given the very early stage of economic recovery in the UK, there are limited possibilities at home, so what about taking the leap to Asia? After all, it’s one of the global economy’s strongest performing regions and in markets like China there are huge sums of public and private money being invested into IT upgrades and infrastructure projects.
Well, I spoke to several recruitment experts in China, Hong Kong and Singapore to get the low down on the opportunities, but also the challenges for job-hunting ex-pat IT pros.
First up is China. According to Michael Page senior manager Joshua Rafter the job market is stable and growing, with pharmaceutical, healthcare, chemical, retail, automotive and technology sectors growing particularly strongly. Skills in demand include business-facing roles such as project managers and business analysts.
Hong Kong is also looking pretty positive, although more so in the commercial rather than the financial sector. Roles in demand there include app devs, help desk analysts, system admins and business analysts/project managers with ERP skills.
Finally, Singapore will continue to be strong, especially in second and third quarters, with business-facing roles again in demand, although Michael Page manager Michael Nette warned me that ex-pats will only be offered local packages.
“For most multinational and local companies there is a strong drive to recruit Singaporean citizens and then look for talented a foreign candidate if local talent cannot be found,” he added. “The Singaporean government has introduced stricter criteria for government issued Employment Passes and Personal Employment Passes.”
The bad news for ex-pat IT pros is that local talent is strong and getting better all the time, so anything under senior managerial level roles will probably be filled by home-grown professionals. What’s more, in China you WILL be expected to speak Mandarin, or at least to have lived and worked in the country for a time previously. Language skills in international business hubs of Singapore and HK are less important (although would still give you an edge), but job seekers will be expected to do their search from over there, so it’s going to take a leap of faith.
“Be stationed in Hong Kong for a extended period. Visiting for only a week or applying for jobs from abroad make it very difficult to secure a role in Hong Kong,” said Michael Page regional director Christopher Aukland. “A lot of expats find roles through networks rather than applying directly – therefore being here in person to network extensively is critical.”
The days of the cushy ex-pat package are pretty much gone, so expect local wage scales and lots of competition, unless you’re lucky enough to get a transfer out here with your current employer. That said the experience gained – both life and work-wise – will be invaluable for future career prospects, so it’s well worth a punt if the time is right for you.
You might even end up never leaving.
Last week APT and anti-malware firm FireEye announced the creation of a new Cyber Security Centre of Excellence (CoE) in partnership with the Singaporean government. It didn’t make many headlines outside of the city state but I think it’s worth a second look for a few reasons.
First up, FireEye is pledging 100 trained security professionals to this new regional hub, to provide intelligence to help the local government protect its citizens and infrastructure from attack as well as benefitting the vendor’s customers across APAC.
FireEye is one of the few infosec companies I’ve spoken to in this part of the world that is prepared to talk at length about the specific problems facing organisations in the region. More often than not when I try to go down this avenue with a vendor I’ll be told about how threats are global these days and attacks follow similar patterns no matter where you are on the planet.
While I know this is true to an extent, it was nevertheless refreshing to hear FireEye’s APAC CTO Bryce Boland tell me that the reason for building a team in Singapore was to have the necessary local language and cultural skills to deal with specific regional threats.
“We have a lot of countries here, many of which have tense relationships, so we see a lot of that boil over into cyber space,” he told me.
As well as the various hacktivist skirmishes that periodically hit the region, such as those between the Philippines and Indonesia or China and Japan, there are also more serious IP-stealing raids which stems from the fact that APAC represents more than 45 per cent of the world’s patents, Boland added.
As a result, regional organisations face almost twice as many advanced attacks as the global average.
Another reason the news of FireEye’s new CoE warrants attention is what it says about the approach to cyber security by the respective governments of Singapore and Hong Kong.
Although Hong Kong threw HK$9 million (£730,000) at a new Cyber Security Centre in 2012, my impression is that Singapore is more proactive all round when it comes to defending its virtual borders.
It was a view shared by Boland, who pointed to Singapore’s ability to attract and support infosec players looking to build regional headquarters there, as well as its efforts to attract globally renowned speakers to an annual security expo.
In my experience, what few events there are in Hong Kong are poorly attended, attract few speakers from outside the SAR, and rarely provide the audience with anything like compelling or useful content.
OpenStack cloud vendor and Amazon–agitator Rackspace Hosting is launching its first public cloud offering for Asia in Hong Kong today, so I caught up with APAC MD Ajit Melarkode to talk all things Hong Kong, cloud and Rackspace.
I covered the news over at The Reg. Given that not many businesses rely solely on the public cloud, the announcement can be seen more in context of Rackspace’s Hybrid Cloud offering – which allows users to mix and match between public and private cloud and dedicated server hosting.
As such, I’m sure IT managers in the region will be keen to have another option for their cloudy needs.
They should also be assured that Rackspace is certainly investing significantly in the region, and Hong Kong, Melarkode told me. “We’ve sent a lot of Rackers out to set up here,” he said. “We’re not treating it as a satellite office – Hong Kong has really come into its own this year.”
Testament to this is Melarkode himself, who has experience of running operations on the ground in the region, and the fact that the firm is setting up dedicated finance, HR and marketing departments, as well as hiring a regional CTO, lead engineers, SMB and enterprise support staff, and ensuring that there is a good spread of local language speakers.
So who is Rackspace hoping to target with its new offering? Well, according to Melarkode, the growth of the Hong Kong office and APAC hub can be seen in parallel with the expansion of Rackspace customers into Asia: “as our customers expand we expand with them – we’re driven in a major part by client requirements”.
Another market he mentioned was that of the smaller innovative local companies in industries like retail and technology which are unencumbered by legacy infrastructure and are “leapfrogging onto new technologies like mobile and cloud”.
Melarkode was unsurprisingly quick to leap to the defence of Asian firms, which are often branded as copy cats and accused of lacking the ability to truly innovate.
He argued that creating services on top of “building blocks” already developed in the West does not necessarily amount to copying – and pointed out that firms from the region are contributing code to OpenStack, which he claimed is certainly not the behaviour of a technology laggard.
The region in general, while perhaps slightly behind the West, is certainly catching up in terms of the maturity of its IT services industry.
“I’ve seen how the region has developed right from the time Indian outsourcing started blooming in 1993, to the more hardware and infrastructure focus in China and the BPO success taking hold in the Philippines,” he explained.
“What I see is lagging behind here but the pace is still fantastic. Look at how it’s catching up. Lots of clients used cloud just for back-up and storage but now they’re starting to use it for app testing and development. The catch-up rate is astonishing.”
Rackspace will certainly need that maturity to expand beyond the handful of early movers in APAC if it’s to recoup some of its growing investment here.
Things are moving pretty fast, though, with the firm doubling headcount and its datacentre space in Hong Kong to meet expected demand and with plans to do so again in the coming year, Melarkode said.
It was Microsoft and Nokia’s big week this week and I’m sure the two will be hoping to hog the headlines going forward as much as they did over the past seven days. Now some might have unkindly described the alliance as “the sounds of two garbage trucks colliding”, but I’ve been getting the low down on why the deal should matter to APAC, or more realistically, why APAC should matter to Microsoft.
Let’s get one thing straight, APAC is essential to Microsoft’s future success in the smartphone space, not just because it has the world’s largest and fastest growing market – China and India respectively – but because Nokia has a really good legacy footprint there thanks to its feature phone biz.
The problem for Redmond, however, is that we’re not talking about feature phones any more, but smartphones. These markets are increasingly demanding smartphones, albeit low-end handsets, not feature phones. It’s why local players like Huawei, ZTE, Micromax and others are growing at such speed.
Nokia’s stock is greatest in India, where it has been voted most trusted brand for two years in a row, despite on-going tax problems with the authorities. Yet according to IDC’s Melissa Chau its relationship with operators isn’t particularly great anymore, so to large extent Microsoft is going to have to start from scratch here.
Building a budget Lumia will be vital and Chau told me Microsoft could do two things to help achieve this:
- Remove licensing charges – at the moment it’s built into the cost of the phone – which would wipe about $10 off per handset
- Use its combined internal expertise now with software and hardware to tweak Windows Phone so that it can run on hardware specs more suited to a lower price point.
It also needs to sort out Asha, she told me, starting with making the handset more attractive by sticking some Microsoft apps on it, and then hopefully in time transitioning those customers to a low cost Lumia.
This ain’t gonna be easy. The competition is fierce out there and with Nokia’s star waning and a severe lack of apps in the ecosystem the best Redmond can probably hope for is cementing it in third place behind the deadly duo of iOS and Android. With four of the Lumia’s top selling markets in APAC (including no. 1 and 2) however, it must make the region a priority.
Time will tell how successful it is, of course, but time, as we all know, is probably something Micr-okia doesn’t have.
Last week I popped over to the Quarry Bay HQ of Verizon Business in Hong Kong to hear more about the annual Data Breach Investigations Report.
The report’s really come on since I covered it way back in 2008, and this year pulled data from an unprecedented 19 reputable sources including Scotland Yard, the US Department of Homeland Security and many more.
The Register covered the main news from the report when it was launched the week before – that China was responsible for a whopping 96 per cent of state-affiliated attacks – so I was keen to get some other APAC-relevant insight from the team.
Unfortunately there wasn’t much to be had, in fact the report itself only mentions Asia Pacific once as a break-out region, to illustrate the top 20 threat types across the whopping 47,000 security “incidents” recorded over 2012.
What this probably tells us is that methods of collecting the data at the moment are pretty non-standardised across the globe, which makes drawing any clear comparisons difficult between regions.
Another thought that occurred: it’s fairly obvious that organisations across the globe suffer from the same kinds of information security risk – whether hacktivist, financially motivated criminal or state sponsored espionage-related.
As Verizon’s HK VP Francis Yip said: “No one is immune from cyber crime. As long as you have an IP address, you are a target, no matter how long you spend online.”
In this respect, there were no startling new trends as such to pull out of the report, aside from China’s consistent and persistent appearance as number one source of state-sponsored shenanigans.
This is probably good news for under fire CISOs, now tasked not only with deflecting financially motivated cyber crime and attempts from hacktivists to take down their sites and steal credentials, but also under-the-radar information theft from APT-style attacks.
What’s also good news, is Verizon’s assertion that the cloud is no less safe than any other form of computing system, as long as IT teams make sure they carry out due diligence on providers.
“Cloud can actually be more secure, because these providers are doing it on an industrial scale with staff who know what they are doing,” argued Verizon’s APAC head of identity and privacy services, Ian Christofis.
While all this is certainly true I definitely got the impression from the briefing that many firms are still failing on the security basics.
“Could try harder” is probably a suitable report card take-away for businesses from 2012.