2024: Protecting ASEAN’s critical IT infrastructure

In 2022, the Asia-Pacific region bore the brunt of cyberattacks, comprising 31% of global incidents, according to IBM Security’s X-Force Threat Intelligence Index. This alarming statistic has prompted companies and their customers to heighten their vigilance, recognising the potential vulnerability of their critical IT and network infrastructure.

As we’re well into 2024, those of us in the IT infrastructure industry must let the collective memory of these incidents serve as an important wake-up call. We must be more vigilant than ever in protecting our critical IT infrastructure and ensure swift recovery when, inevitably, it does take a hit.

Many chief technology officers watched these incidents with a mixture of sympathy for the companies affected and deep gratitude that it wasn’t them on the hook. But with cyberthreats becoming ever more sophisticated and access to critical infrastructure such as connectivity becoming perceived as a basic human right, acknowledging that anyone could have been in the same vulnerable position is not sufficient for the challenges we face in 2024.

Enhancing network resilience

So, what needs to be done?

Networks, despite advancements, are inherently complex systems with numerous interconnected components. Even with diligent maintenance and cutting-edge technology, the possibility of a network outage can never be entirely eliminated. Each element, whether hardware, software, or environmental, presents a potential vulnerability. It’s akin to safeguarding a fortress with countless entry points — there’s always a chance of infiltration. Therefore, while striving for reliability is essential, it’s prudent for telcos and network-dependent firms to remain realistic, acknowledging that absolute immunity to outages is an unattainable goal. Vigilance, redundancy, and rapid response protocols are critical to minimise the impact when inevitable vulnerabilities surface.

Historically, the broader IT community often overlooked the intricate workings of networks, viewing them as a mere conduit for data transmission — a mechanism where data packets are blindly sent and magically arrive at their destination in the correct sequence. Fortunately, network resiliency is now garnering the acknowledgment it deserves within the information and communications technology (ICT) strategy landscape. This shift is crucial because the network serves as the backbone of modern digital infrastructure, acting as the silent observer that captures every digital interaction. Prioritising network resilience is not just a matter of fortifying connectivity; it’s about safeguarding the integrity, confidentiality, and availability of invaluable data traversing the network.

Operationalising preparedness

Being prepared for network failure in an enterprise involves a multifaceted approach. Firstly, it entails having contingency plans in place, such as having alternative internet service providers (ISPs) for a quick switch in case the primary one fails. Configuring systems to seamlessly transition to backup ISPs ensures uninterrupted connectivity. Additionally, leveraging technologies like 5G as an alternative backup can further enhance resilience.

Then there’s configuration. For example, are your dark fibres all entering your main distribution frame from different directions, or are they all approaching from one side, so that when a rogue tradesperson puts his shovel through your fibre, your network becomes non-functioning? Also, how does this scale throughout your entire internal network?

These fundamental questions underscore the necessity for integrated ICT departments and systems that communicate effectively with each other. Ensuring business continuity and developing comprehensive business impact plans require a collaborative approach across all technology practices, aimed at covering all bases for swift implementation when critical situations arise.

Then we test, test, and test the plans again. Continuous testing is paramount to validate the effectiveness of these plans. Regular evaluation and refinement of strategies, particularly in terms of the scalability of backend infrastructure and mitigation of cyber risks, are essential. Enterprises must candidly assess whether their back-end infrastructure can handle the increasing volumes of data and evolving cyberthreats, fostering ongoing dialogue and proactive measures to safeguard against network failures.

In ASEAN, an initiative involving Krungsri (Bank of Ayudhya), Thailand’s premier financial institution, highlights the impact of IT infrastructure modernisation. This effort has boosted the bank’s resilience to market dynamics, upgraded its legacy systems, and enhanced its focus on customer-centric digital banking services. Key to this transformation has been the strategic use of data analytics, cloud solutions, and automation, underscoring the importance of modernising IT infrastructure.

We anticipate a growing momentum among businesses and government entities in ASEAN to prioritise IT infrastructure modernisation in 2024. Without infrastructure that aligns with contemporary needs, the risk of network failures or operational disruptions looms large, potentially thrusting organisations into an unfavourable spotlight.