Artificial Intelligence & Machine Learning , Events , Governance & Risk Management
Why Security Must Shift From Compliance to Risk Management
Anthony Lim of Singapore University on Securing Legacy OT Using AICybersecurity governance has evolved significantly over the past 25 years, as technological advancements and the rise of cybercrime have driven the need for robust frameworks. Adopting standards like ISO/IEC 27000 can help organizations align with national security goals and regional cooperation, but simply following compliance checklists is falling short, said Anthony Lim, fellow, cybersecurity, governance and fintech, Singapore University of Social Sciences.
Real security, he said, requires understanding the risks and applying appropriate controls. Legacy operational technology systems, designed decades ago, often lack modern defenses and pose unique challenges as it connects to the internet and IT systems.
"OT was not so much about confidentiality of data, but availability and safety, which is again something new to cybersecurity itself," Lim said. "OT teams need to do a better job of using generative AI to help them find ways to defend the OT."
In this video interview with Information Security Media Group at the GovWare Conference and Exhibition 2024, Lim discussed:
- The importance of integrating OT into IT to address new vulnerabilities;
- The need to shift from compliance to risk-driven cybersecurity strategies;
- Using AI to enhance defenses against emerging threats.
Lim has more than 25 years of experience in cybersecurity and governance across Singapore and the Asia-Pacific region. His diverse roles have spanned business leadership, consultancy, advocacy, project CISO, instruction, academia and auditing. He has held key senior regional roles at companies including Check Point; IBM; and CA Technologies, now Broadcom.