Interview with Wahab Yusoff, Vice President, Asia at ForeScout Technologies
In this interview, Wahab Yusoff, Vice President, Asia at ForeScout Technologies, shares his views on the pace of digital transformation in APAC, the growing need for cybersecurity with the increasing connectivity and the inevitable convergence of IT, OT and IoT
TDE: Tell us a little about your business and its history?
Wahab Yusoff: ForeScout Technologies focuses on transforming enterprise security through visibility, pioneering an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT).
We offer a highly scalable, heterogeneous platform that provides enterprises with agentless visibility and control of today’s vast array of physical and virtual devices the instant they connect to the network. ForeScout was founded in 2000, and by 2017, we were listed on Nasdaq, with over 2,500 customers and over 900 employees in over 70 countries.
TDE: What are your thoughts on the current pace of digital transformation in the APAC region?
Wahab Yusoff: The APAC region is very diverse in terms of the pace of digital transformation – some countries are much further ahead than others. Take countries such as Singapore, Malaysia and Australia, for instance. Much of these countries’ digital transformation is driven by the government as part of the transition to become smart cities. As such, we’ve seen technology being integrated not only at the organizational level, but also within the public sector.
However, in developing countries such as Laos, Thailand and the Philippines, this is predominantly led on a commercial level.
China is a special case of its own. The way they have adopted cashless payments has set an example for not only the rest of the region, but also the rest of the world. To begin with, the country did not have many ATMs, especially in remote/ suburban areas, due to the vast size of the country. As such, given factors like an increasing need, geography and the growth of the country’s economy, China has leapfrogged to e-payments simply because they were forced to do so.
TDE: What role does cybersecurity play in digital transformation?
Wahab Yusoff: As organizations or even governments embark on a journey of digital transformation, it is a given that there will be a rise of smart services, and more connected devices. This also comes with a corresponding increase in potential cyber threats, and therefore a need for services to be more secure. Cybersecurity will therefore become an integral component. Organizations and governments will have to ensure that they, first and foremost, have visibility into the devices on their network in order to mitigate such attacks.
TDE: What are some of the key cybersecurity challenges organisations have faced in the past year?
Wahab Yusoff: Visibility remains the top cybersecurity challenge in 2018. Malicious actors will try to find any way in through any device, known or unknown, as long as they are connected to the network. In many instances, attacks take place because the organization is unable to protect assets they do not have visibility over.
We’ve also seen the proliferation of IoT devices in the past year. The growth of IoT devices is tremendous, but now it is compounded because people are actively using these devices. This adds a layer of complexity, as organizations now need to ensure that all these devices are compliant with cybersecurity measures set out by the organization.
TDE: Organisations are still struggling with hardening their security posture. Why is this the case and how can organisations and governments build more robust cybersecurity practices?
Wahab Yusoff: Organizations are struggling because malicious actors are constantly evolving and will continue to find new ways to break through the network. Realistically, I do not anticipate a time where there will zero breaches, as these may be caused by human error or even lapses in network systems.
The only way around this is, to leverage automation to minimize the likelihood of such attacks and ensure proper execution of the organization’s cybersecurity measures. On a government level, this can also be achieved by implementing regulations, and laws such as the Cybersecurity Bill in Singapore. Following this comes enforcement – taking punitive actions against those who do not comply.
TDE: The year 2018 has seen several high-profile cyberattacks. What does 2019 have in store for us?
Wahab Yusoff: 2018 has seen high-profile personal data breaches on SingHealth and HealthHub, to name a few examples.
In the coming year, we can expect to see more public health information breaches. Network attacks on healthcare organizations will continue putting millions at risk, while phishing attacks will continue to provide unauthorized access to millions of records and both intentional and unintentional human error will continue to compromise the security of electronic health records.
We can also expect to see more creative approaches to hacking and leveraging data by malicious actors in 2019. Hackers will employ the data harvested from a breach to exact more personal consequences on strategically targeted victims. Even if an individual has no known affiliation with a healthcare provider, anyone is subject to indirect compromise. This problem reaches beyond the obvious risks of sharing health information between offices; the attack surface has broadened to the entire healthcare supply chain.
TDE: What are some of the key cybersecurity trends you foresee in 2019?
Wahab Yusoff: The biggest trend I foresee is the increased regional coordination and regulation around cybersecurity practices in ASEAN. Leaders in the region have already taken a step in this direction following the third ASEAN Ministerial Conference on Cybersecurity in October. As such, we can anticipate significant movement in 2019 to facilitate sharing of information and harmonization of regional security regulations.
Another trend would be the convergence of IT, OT and IoT devices. Given the rapid rate at which these devices are being leveraged by organizations, there is a simultaneous need for high levels of inter-connectivity in order to gain better oversight of all devices on the network. Although these devices operate differently, they must not be treated in isolation. This is because the likelihood of an attack that results in a severe physical impact will increase, as long as the attack surface continues to increase.
We predict that attacks by malicious actors will increase in frequency and intensity, forcing the enterprises to either invest in newer, more secure systems, or reevaluate their entire security architecture and reassess the manner in which IT, OT and IoT devices interact.
2019 will also be the year we see the growth of the role of automation in both security automation and security orchestration. Automation has allowed some organizations to offload time-consuming and unnecessarily burdensome tasks and retool a portion of their workforce. We are likely to see improved collaboration between humans and machines – also known as intelligence automation (IA) – that will not only address the skills gap but also result in stronger cybersecurity practices and programs.
TDE: How do you keep yourself updated?
Wahab Yusoff: I subscribe to most of the daily newspapers in Asia, so I get a weekly summary of what’s happening in the region. This is coupled with intelligence gathered from conversations I have frequently with partners, customers and industry peers.
TDE: What are some of the websites or magazines or apps that you subscribe to or read regularly?
Wahab Yusoff: Some of the key titles include The Economist, Forbes, and Infosecurity Magazine. These are in addition to the dailies mentioned previously. I also frequent online news portals such as BBC News on cybersecurity, CNET Security, CNBC Tech Cybersecurity and WIRED to keep up-to-date on developments within the cybersecurity space.
TDE: What’s your favourite social network – Instagram, Facebook, LinkedIn or Twitter?
Wahab Yusoff: I’m present on all 4 networks, but I’m least active on Twitter.
For more DX insights follow Wahab Yusoff on LinkedIn.