That’s an impossible question to answer, since the region is a mix of the most and least cybersecure countries in the world, according to a report by Comparitech. The inequality is growing increasingly noticeable as Southeast Asia’s digital footprint grows, with Singapore and Malaysia ranking highly and Vietnam and Indonesia lagging dangerously far behind. Wherever they occur, cyber incidents affect businesses, countries, and individuals by damaging relationships with customers, lowering internal morale, and subjecting them to intense media scrutiny.
Show me the data
The Comparitech study is similar to a report card. To chart the trends of cybersecurity, researchers grade 60 countries on a 100-point scale based on a set of seven criteria. Countries can do well overall but still be bested by others in specific categories. This allows individual governments to tailor their future efforts to the areas that need the most improvement. The categories range from the percentage of mobile devices infected by malware and the number of attacks by cryptominers to the number of financial malware issues and how up-to-date the country’s current and drafted legislation is regarding cybersecurity. Total scores were calculated by averaging a country’s score for all seven criteria.
The study ranks countries in descending order, with the most secure country scored 60th and the least secure, first. Singapore breaks the top ten most cybersecure countries overall with a rank of 51 out of 60, while Malaysia (35) and Thailand (34) come in not far behind. At 24, the Philippines are in the middle of the pack, while Indonesia and Vietnam fall close to dead last, holding the dubious claim to the ranks of 2 and 3.
2019 will be a great year for cybersecurity in Southeast Asia
The cybersecurity divide
An in-depth look at the seven individual categories reveals extreme opposites between the high- and low-ranking countries. Singapore, for example, is the best prepared for cyberattacks with a score of 0.925 while Vietnam is the least equipped to deal with such a scenario. Why is Singapore doing so well compared to its neighbours?
Part of the answer is one of ‘required reaction.’ Large data breaches in July 2018, in which cybercriminals exposed the data of 1.5 million Singaporeans, prompted major investments in cybersecurity. In subsequent years, the Monetary Authority of Singapore authorised a $30 million SGD cybersecurity capabilities grant and the Info-Communications Media Development Authority created a multi-year cybersecurity roadmap. Overall, the country has a long history of developing cybersecurity initiatives, funding related programmes, and forming technical institutions to raise digital safety standards.
Compare that to its counterparts at the opposite end of the spectrum, Indonesia and Vietnam:
With the fewest preventative measures in place against cyberattacks, Vietnam is the country most likely to be targeted. In 2018, they suffered from the highest number of ransomware attacks, where malicious software blocks a user’s computer until they offer up the requested sum of money, and they came in seventh for countries commonly targeted for cyber-espionage, where criminals use computer networks illegally to gain access to information.
Many Southeast Asian countries–Myanmar, Brunei, Cambodia, and Timor-Leste–are even further behind in the cybersecurity field than Vietnam and Indonesia, but since they’re still in the “initiating” stage of their digital development, the Comparitech study refrained from including them in the 60-country report. Thus, the cyber divide is larger than even recent studies indicate.
The case for cybersecurity equality
Why is cybersecurity equality critical, or even necessary? Since globalisation has created a web of dependencies that transcend national boundaries, when one’s neighbours suffer from cybersecurity attacks, everyone is affected. Security stratification creates problems for the entire region, which is why Singapore and other top-ranking countries can’t ignore the formation of what Allan Friedman, a fellow and research director at the Brookings Institution Center for Technology Innovation, termed “cybersecurity ghettos.”
In short, rich countries can continue to strengthen their cybersecurity measures, but as long as cybercriminals can exploit poorer countries that haven’t yet caught up, digital attacks will remain a global issue.
Closing the Cybersecurity Gap
The Comparitech study concludes that given the data, every country has areas that require their immediate attention–even the countries that scored highly overall. In an age of constantly evolving new technologies, open systems, and increased connectivity, cybersecurity threats leave no room for standing still. Fortunately, studies such as this one provide a basis for countries to examine and implement cybersecurity measures customised for their specific needs. Some may focus on strengthening legislation, while others help users better protect their devices. But one thing is certain, with far-reaching consequences that affect countries’ economies and consumers’ individual levels of well-being, it’s important to keep tracking and acting upon cybersecurity data–because this cybersecurity gap is one that needs to be closed, for everyone’s good.