Southeast Asia currently has more than 400 million internet users. This contributes to the rapid growth of the digital economy in the region, which is forecast to reach $1,000 billion by 2030. However, the threat of cyber attacks is also increasing.

Distributed cybersecurity architecture

According to a recent report by Singapore-based cybersecurity firm Cyfirma, cybercrime in Southeast Asia has increased by 82%. Cyberattacks mainly targeted Singapore; followed by Thailand, Vietnam and Indonesia. Previously, the International Criminal Police Organization's "ASEAN Cyber ​​Threat Assessment 2021" report listed the main cybersecurity threats facing the ASEAN region as: business email fraud, phishing, ransomware, e-commerce data theft, crimeware, cyber fraud and cryptocurrency mining.

According to thepaper.cn, amid the increasing number of serious cyberattacks, ASEAN’s ability to prepare for, respond to, and recover from cyberattacks remains relatively low. Although there has been significant progress in enhancing cybersecurity in individual Southeast Asian countries and the region as a whole, the lack of coordinated cybersecurity standards remains an obstacle.

Currently, the cybersecurity architecture in the ASEAN region remains fragmented. The lack of a comprehensive cybersecurity governance strategy poses a major challenge for ASEAN. ASEAN member states are affected by economic and digital differences and are subject to different regulatory constraints, leading to different priorities in dealing with cybersecurity issues. In addition, timely information sharing of sensitive data faces major challenges as ASEAN countries prioritize national security and sovereignty considerations, and interoperability is bound to be limited.

Digital divide

The digital divide in ASEAN has hampered the ability to act collectively to address data security threats. There is a large gap in internet resources among ASEAN countries, with internet penetration rates ranging from 26% in Laos to 95% in Brunei. At the national level, poor households and communities or those in remote areas have relatively weak network infrastructure. In addition, fixed broadband internet is underdeveloped in some ASEAN countries, partly due to a lack of infrastructure such as electricity. According to the International Energy Agency, although 90% of the population in Southeast Asia has access to electricity, 65 million people still lack access to it.

Less developed countries are more focused on solving basic network problems, thus reducing the need and consideration for cybersecurity. The number of secure internet servers per million people in ASEAN countries is increasing year by year, but the number varies greatly between countries. In 2020, Singapore had 128,378 servers per million people while Myanmar had only 14 servers per million people.

There are also clear differences in the level of digital development among ASEAN member countries. The gap in cybersecurity level roughly divides ASEAN countries into three types: Singapore and Malaysia are the group with a complete cybersecurity management system, the rest are the group with an incomplete system and the group with a backward system…

MINH CHAU synthesis