ISO Standards , NIST Standards , Standards, Regulations & Compliance

APAC Security Organizations in the Era of Digital Trust

3 Experts Discuss Value of Frameworks, Industry Certifications and Standards
Sithira Wanniarachchi from Sri Lanka, Syahraki Syahrir from Indonesia, and Goh Ser Yoong from Malaysia

Security organizations in the APAC region need to adopt widely recognized frameworks to consistently ensure digital trust and protect privacy, according to a panel of experts from the APAC region. Industry certifications are a good investment for improving security programs and business resilience, according to Syahraki Syahrir, CEO and partner at Veda Praxis; Sithira Wanniarachchi, mentor with ISACA Sri Lanka; and Goh Ser Yoong, head of compliance at Advance AI.

See Also: Security Culture Report for ASIA 2024

"I would say any organization should adapt to a widely recognized framework. ISACA has a COBIT framework, the NIST cybersecurity framework and ISO standards," Wanniarachchi said. "And if you're looking for business continuity, you have a certification for that. These are well-practiced industry organization certifications."

"It can be applied by a small company to a bigger company. Here it is not about a technology but about the processes you have in place."

Ser Yoong added that standards provide a "common language" across an organization. "Standards provide that understanding," he said. "Most organizations recognize these certifications and what they mean."

Unfortunately, small and medium businesses face challenges in following these standards, said Syahrir, who added that Indonesia launched new privacy regulations last year. "In Indonesia, 90% of businesses are small or medium. Imagine how complex it is to implement such regulations to Indonesian businesses," he said, citing the need for "business process reengineering or a major change in the business."

In this video interview with Information Security Media Group, the panelists also discuss:

  • The various elements of digital trust and why it's so important to the business;
  • How do set a baseline for cybersecurity and privacy across the organization;
  • How to have digital trust with modern approaches such as zero trust.

Syahrir is the CEO and partner at Veda Praxis, a management consultant focusing on digital business and transformation, strategy and GRC. He has been a management consultant and auditor for more than 15 years and started his career at a global consulting firm handling local and multinational clients.

Ser Yoong is head of compliance at Advance AI. He is a seasoned IT professional focusing on information risk management, cybersecurity and data protection. His has more than 15 years of experience at a variety of companies including PwC, BAT, Standard Chartered and AirAsia.

Wannniarachchi is an experienced network infrastructure, security, risk and compliance professional with more than 18 years of experience in manufacturing, distribution, logistics, leisure and information technology domains.


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.