In the last 10 years, how has SecureMetric’s scope changed?
incorporated in 2007 and, in the past 11 years, I have witnessed how my company has grown and progressed. We identified the potential of digital security early on and have evolved from providing security devices locally, to developing and implementing our in-house digital security solutions across South-East Asia.
In the first five years, we were still very much positioned as a technology vendor and subcontractor, working with more well-known companies to accumulate experience and strengthen our domain expertise in the areas involving authentication and PKI (Public Key Infrastructure). PKI is regarded as the most appropriate security mechanism for securing data and identifying users, among others.
We then started to bid for contracts as the main contractor and have gained a solid reputation not just in Malaysia, but across South-East Asia. We have implemented several prestigious projects, including the Philippine National PKI project in 2012, and following that a PKI project for the Ministry of Defence in Vietnam. Our clients include government agencies, financial institutions and multinational corporations. In Malaysia, we secured and implemented a project for Lazada in 2017.
In the last few years, more than 70 per cent of our revenue was derived outside Malaysia, which is a testament to the acceptance of our solutions regionally. We spent a decade building this platform, and we have plans to further expand our presence in the South-East Asian digital security market.
How has working across the region helped with SecureMetric’s experience in the industry and with your customers?
Although South-East Asia is not an exceptionally large region, it is very diverse as every country has its unique culture and language. In the last decade servicing clients in this region, we have identified the importance of localising both our services and our solutions. This has given us an edge as it is not easy to meet clients’ demand with one homogenous solution. We have established local presence and offices in Indonesia, the Philippines, Vietnam and Singapore to be closer to our clients. We hold a very strong belief in hiring the locals, training up the locals, to serve the locals. At the same time, we’re flexible and able to customise our solutions or products to fit the local market.
With stories of hackings and cyber-attacks regularly in the news, cyber security is more important now than ever – how has FinTech influenced this industry?
The modern world is networked together, from Internet banking to government infrastructure, and this makes us susceptible to cyber-attacks and security breaches, which have become international concerns. With cyber-crimes unlikely to slow down, governments and businesses alike are seeking to elevate their cyber defence strategies. Fintech has essentially made the end users’ smartphones their personal financial instrument and largely relies on applications that can access users’ financial profiles to perform a variety of real-time transactions.
If you look at reports today, on average there’s a new malware generated every 4.2 seconds globally, and mobile phones are vulnerable to such attacks as they can be exploited as an entryway into financial networks. With such threats, it is very important for FinTech players to place greater emphasis to ensure that their mobile applications are secured, and we are seeing more
security vendors developing security solutions that focus on mobile phones. FinTech has changed the landscape for cyber security. We saw an opportunity in this and our solutions for mobile apps have been experiencing good momentum.
What do your customers need to know about cyber security and FinTech?
FinTech leverages on mobile phones and the biggest challenge for service providers is to ensure that security of the device is not compromised. This is not an easy task as it is almost impossible to restrict users against actions that will make their devices vulnerable, like unsecured browsing and illegal downloading. It opens an avenue for hackers to access personal and even corporate information if the device is connected to the users’ organisation. It is not only the individual which will be impacted by monetary loss. Vast amounts of data can be accessed, and entire organisations can be seriously impacted or even crippled by such breaches. Most central banks in the region have issued security guidelines and protocols for FinTech players to comply with, and I believe it is widely understood that the right defences must be implemented to avoid serious repercussions.
How do you see the industry changing over the next 10 years?
Mobile is definitely not something we can ignore, and we can expect more advanced and sophisticated cyber security solutions developed to secure mobile applications. The next thing that I foresee taking off will be IOT (Internet of Things) – with IOT gaining greater momentum, you will definitely see more cyber security players developing digital security solutions to secure IOT. The difference is that, for IOT, the processing power on the devices are much lower, like on sensors or controllers – they’re not as powerful as mobile phones or computers. When we design security solutions for such applications, we have to take those limitations into consideration and ensure that the digital security solution is light-weight but still very secure.
Another important note for the upcoming 10 years is that quantum computing will be ready. That will require a lot of security upgrading as formulas used today for security solutions will be rendered invalid because quantum computing is so powerful that it can break the current security algorithm. It’s important for the market to start being aware and ensuring those security solutions that they’ve adopted will be quantum computing-proven. We have started preparation on this to ensure we’re ready when that happens.
TEXT FLAVIA GALEOTTI & EUGENE NG
PHOTOGRAPHY ROBIN YONG
ART DIRECTION AUDREY LIM