Making security provisions translate into lower overall costs when individuals, corporations, and private citizens’ groups are educated about managing the security of public goods, their production, and delivery.
According to recent reports, the world’s Muslim economy grew at almost double the global rate in 2014/2015, and Muslim consumer spending is set to reach US$2.6 trillion in 2020. This makes for good business and good business profits. Muslim consumer spending across the globe appears to be rising as increasing numbers of non-Muslims do business with Muslim companies.
Transnational Muslim-to-Non-Muslim business is increasing as the world becomes more interested in kosher produce, halal food, alternative attire, and ecotourism. Part of the reason for the increasing interest in halal products and services derives from the fact that the Organization of the Islamic Conference (OIC) owns over 70 per cent of the world’s potential fossil fuels and natural energy resources. This has made Islamic finance important in London, Paris, and New York. Despite the problems caused by Islamic extremists in Paris in the post-9/11 decades, moderate Islamic economics is fast becoming kosher in a predominantly non-halal world. Part of the power of halal public and private good production arises from marketing and advertising. A significant part of halal marketing is delivered through social media. And this brings us to the importance of cyber-securing social media and its public goods.
Neglecting the security of public goods will result in more harm than good to the overall communications infrastructure of a state. Cybersecurity experts have long known that cyber-hackers and cyber-terrorists tend to have certain patterns of attack that can almost be predictable each time. For example, hackers like to attack Web sites around the Fourth of July in the USA; during the National Day celebrations in Malaysia and Singapore; as well as on Jewish Holy Days in Israel. There is therefore always a pressing need to defend and protect public goods. And unfortunately, the burden of providing such security falls on the shoulders of the public security personnel themselves.
Singapore deploys police officers from the Police Transport Command (PTC) to patrol the main transportation hubs as well as the Mass Rapid Transit (MRT) network. In the US, private companies are often hired to provide some level of physical security at the stations while in Thailand, the protection of the Mass Transit Railway of the Railways of Thailand (MTR) falls under the jurisdiction of the Royal Thai Police (RTP). The main problems tend to arise from cybersecurity issues rather than physical security ones. Physical security penetrations that occur are usually too late and too hard to control after the event breaks out. On the other hand, cybersecurity events are often considered to be more manageable if they are anticipated early enough. But if such security threats are detected late in the game, then long-term consequences can occur.
Apart from the negative social media and criticisms that led to the resignation of at least one Transport Minister and another who moved elsewhere, there were also higher costs involved in the breakdowns. The lack of proper planning and foresight had let down the guard of the MRT managers who were more concerned at one time a few years ago only with the bottom-line rather than the top-line. But eventually the top-line spoke for itself. Singaporean expectations, motivated by a government bent on increasing productivity, resulted in unrealistically high expectations of the public sector that created public goods. The smallest error was prone to widespread media coverage and criticism. This was not restricted to Singapore but was a common feature in Malaysia when Datuk Seri Samy Vellu was the Minister for Public Works and Transport. He said: “…when you become a president of MIC (Malaysian Indian Congress), even the cat on the road can criticise you!” Despite being over 10 years old, the interview remains alive on YouTube.com and proves the importance of securing the Internet.
Other Parts of Cyber Southeast Asia
In Thailand, Hong Kong, and Malaysia, there were fewer causes of failure in terms of public service delivery because of much lower public expectations. In fact, after Datuk Seri Samy Vellu stepped down as MIC President, his political fortunes came to a virtual stop and Malaysia had lost one of its most flamboyant and iconic federal leaders. Despite the lack of ASEAN leadership in the cybersecurity arena, the Indonesian Armed Forces (TNI) had long taken the lead in terms of using cybersecurity models as part of Indonesia’s provision of the defence public good. For example last year, TNI launched Indonesian Army Cyber 2015 which involved how cybersecurity models help recruit, train, and empower their soldiers through defence exercises such as hacking and cyber-forensics. The emphases in future years for TNI will be on how IT can be used to help reduce cyber crimes such as identity theft, baking fraud, cyber-spying, and hacking.
Cybersecurity and the Provision of Public Goods and Services
What are the incentives to providing cybersecurity for public goods? Examples of public goods include street lighting, national defence, and welfare systems for the aged and the poor. There are certain advantages to using cybersecurity methods to protect public goods delivery. These include tax incentives for donors. Another advantage is to create public confidence in terms of the provision of quality of public goods, the production of public goods, and the delivery of public goods. The concept of cybersecurity extends out of the physical world of security and into the virtual world that it impacts.
Most public good models are linked to public enforcement models. This is because public goods have to be protected and often do not have comprehensive public security features. The Changi Airport Group Aviation Security Division of Singapore makes use of high technology security features as well as low-tech security to protect the public and private areas of Singapore’s main airports, its lounges, cargo areas, taxi ways, engineering hubs, service hangars, baggage holds, and passenger terminals. The level of security is a mixture of both public and private agencies and personnel that monitor incoming, outgoing, as well as transit passengers. Similar kinds of cybersecurity features are also found in Survanabhumi International Airport in Thailand as well as Kuala Lumpur International Airport and Subang Airport in Malaysia.
How can cybersecurity techniques be applied to monitor and safeguard public goods and places producing public services? For one, simple fourth generation CCTV cameras are linked through in-house software to central monitors. These monitors enable 24-hour duty personnel to keep a close watch over main entry-and-exit points, choke points, and common spaces for potential suspects, fugitives, as well as suspicious objects. At the higher end, advanced software help identify persons-of-interest out of thousands of faces via database profiling. The use of both high and low technology features in most modern Southeast Asian airports where aviation passenger, entertainment, and security managers can rely on tried-and-tested modes of protecting the public transport good to ensure that the various platforms and processes run smoothly. So far we have seen the advantages of using cybersecurity models to save costs of managing modern airports. But what are the opportunity costs?
Despite the great advantages provided by cybersecurity platforms in the protection of public goods and services, there is also one major drawback. An overt reliance on cybersecurity has resulted in more hackers attempting to penetrate computer based models of public service delivery systems. This creates more than a headache for airport managers because the hacking of computer systems will result in: higher costs (usually US$11 million to resolve a penetration including creating patches for the damaged system); more manpower required to maintain secondary security systems as a result of knee-jerk reactions; and loss of revenue to profit centers due to delays and collateral costs. The additional costs take on the form of an increase in waiting time on the ground for delayed aircraft arising out of computer glitches; and the domino effect on other airlines and airports.
The security of public goods and services can be enhanced through the use of high-tech and low-tech methods as well as dovetailing these measures with the physical security of public transport systems. Apart from red-teaming and monthly stress tests and personnel readiness exercises, individuals, corporations, and private citizens’ groups have to be educated about the nature of managing the security of public goods, their production and their delivery. Lower costs of making such security provisions translate into lower overall costs for all.
Copyright © 2017 Singapore Institute of Management