There can be no digital economy without security

Across the world, digital technologies are disrupting industries, improving lives and propelling progress. Similarly, we see these changes taking place in ASEAN (Association of South-East Asian Nations) countries, building on the fundamentals for digitization that are in place – such as growing economies like Thailand and Indonesia, a highly digital and young population (50% of ASEAN’s population is under 30 years of age), and an extremely high literacy rate of 94%. Infrastructure is also well developed – 90% of people in the region have internet access.

The conditions are ripe for ASEAN to become one of the world’s top five digital economies and a major global economic player by 2025. To achieve this, what ASEAN needs is to implement a comprehensive digital agenda and strategy. Doing so could add $1 trillion to ASEAN’s GDP over the next decade.

This is why digitization is incredibly relevant for the region. By pioneering the development of new digital services and business models, ASEAN countries will create new areas for economic growth. The clearest example today is the tech sector – it’s changing the way citizens work, live and play through businesses that are built on the sharing economy. But beyond that we are also seeing the rejuvenation of old sectors, such as manufacturing, which is moving towards “Industry 5.0” and reaping the benefits of improved efficiency, flexibility and widespread customization.

While it’s clear that digitization is paramount, there are many aspects to consider. But underlying all of that is security, which is absolutely fundamental. To fully realize the opportunities that are described above, security needs to be a core part of any digital transformation strategy. Today, we have a diverse and growing threat landscape. And as business goes digital, the number of external touchpoints will only grow, making them increasingly vulnerable. Security is what protects businesses, allowing them to innovate, build new products and services.

Beyond a defensive role, security provides businesses with a strategic growth advantage. Here’s an example: customer data. Imagine you’re a business like Go-Jek, an Indonesian transport, logistics and payments start-up. Regardless of the value you add, do you think customers would willingly use your service if they didn’t trust you to handle their sensitive information? Trust creates widespread utilization of the service, which in turn generates valuable data, allowing Go-Jek to identify growth opportunities in terms of creating new services, or improving existing ones. This is just one example of the importance of security – Cisco has identified 414 security-enabled digital use cases that will drive $7.6 trillion in value over the next decade.

There are three key areas for organizations to focus on when it comes to security: strategy/policy, technology and people.

Businesses need to look at security from a big picture perspective. It’s about saying “let me have a security blueprint to enable the business” more so than worrying about the tactical aspect of “how do we detect where the vulnerabilities are within the environment?” This means thinking about security end-to-end, throughout the organization, from the network to the cloud to the customer end-points. At Cisco, we believe in an architectural approach, which means that products are integrated and built to share context and information on threats. This approach takes advantage of investments and network infrastructure already in place, which means that scaling security alongside business growth is simple and straightforward. It creates a multiplier effect and reduces cost by over 30% vis-a-vis a point-product approach. For example, the Western Australian education department is able to centrally manage security for 798 school sites without having to worry about scalability.

From a technology standpoint, you need technology that visualizes what’s happening across the entire network. With that, you can respond to threats even before they occur. That said, when breaches occur, you need to be able to automate security across physical, virtual and cloud touchpoints to reduce complexity and quickly remediate attacks.

Besides processes and technologies, organizations will also need to invest in people to become more resilient in the face of new attacks. It’s evident that many high-profile security breaches in recent times began with a phishing attack on a single employee. Only increased employee awareness could have prevented these events. Hence, personal responsibility with respect to security must become a business priority too. And as the lines between personal and enterprise technology blur, organizations can also consider extending protection to employees in their personal use of technology.

Given that ASEAN is such a diverse and complex region, political and cultural differences and variations in economic behaviour can make awareness-building a challenge. It should be the responsibility of industry players and government bodies to drive the security agenda through comprehensive awareness-building programmes. By doing so, we empower ASEAN to achieve its potential and claim its rightful place as one of the leading lights of the global digital economy.