Taiwan is gearing up efforts to promote its cybersecurity industry on the global stage while safeguarding critical infrastructure at home.
In March, tens of thousands of organizations spanning businesses, government agencies, schools and utility providers were compromised via a back door in U.S.-headquartered Microsoft Corp.’s widely used Outlook email software. The global cybersecurity crisis highlighted the growing threat of cybercrime faced by individuals and institutions at all levels. Urgent attention is required to protect valuable data from increasingly sophisticated hackers.
According to Jyan Hong-wei (簡宏偉), director general of the Department of Cyber Security under the Executive Yuan, Taiwan’s government websites are hit with about 30 million intrusion attempts each month, although 99 percent of them are successfully intercepted. Extensive experience in detecting flaws and fending off attacks as well as large collections of threat intelligence have become competitive advantages for the country, he said.
“Faced with serious cyberthreats and related challenges, Taiwan has actively promoted policies built around the concept that information security is national security,” Jyan said. “This is evidenced by inclusion of cybersecurity in the six core strategic industries unveiled by President Tsai Ing-wen [蔡英文] during her 2020 inauguration speech.”
The initiative’s goal is to develop globally trusted data security systems while strengthening defenses for the country’s critical infrastructure and major industries. Under its auspices, enterprises and government agencies have ramped up efforts to conduct regular cybersecurity simulations and establish countrywide collaborations aimed at enhancing opportunities for domestic telecommunications companies to tap into the global market.
Among projects rolled out to date is an experimental 5G open network platform based in northern Taiwan’s Taoyuan City launched in August last year by the Ministry of Economic Affairs (MOEA) in partnership with state-backed Industrial Technology Research Institute, Taoyuan City Government and U.S.-based Cisco Systems Inc. The platform offers Taiwan manufacturers unrestricted access to the latest network services technology, allowing them to conduct R&D on cutting-edge telecom equipment.
Cloudsec 2019 held by Trend Micro in Taipei City highlights the cybersecurity challenges faced by enterprises. (Photo courtesy of Trend Micro Inc.)
Taiwan and the U.S. also issued the Joint Declaration on 5G Security last August, underscoring the two sides’ commitment to protecting next-generation communication networks. Under the pact, the like-minded partners have been utilizing the Global Cooperation and Training Framework (GCTF) to raise awareness of opportunities and risks posed by 5G networks while developing related standards, guidelines and best practices. Initiated in June 2015, GCTF is a platform for expanding collaboration on global and regional challenges, with workshops held under the framework spanning areas such as e-commerce, energy, environmental protection and public health.
“The high connectivity rate in Taiwan makes it especially prone to viruses and cyberattacks from around the world,” Jyan said. “Security incidents affecting essential sectors like electric grids, health care and transportation systems, government agencies and high-tech companies could cause significant operational disruption as well as loss of money, property or even life.”
Case in point is Taiwan Semiconductor Manufacturing Co. (TSMC)—the world’s largest contract chipmaker—which experienced the biggest information security breach in the country’s history in 2018. The attack at the company’s headquarters in the northern city of Hsinchu was caused by a mutated version of the WannaCry ransomware, resulting in a three-day production halt and hefty loss of NT$5.2 billion (US$182 million).
Security First
The TSMC incident triggered widespread attention, prompting greater emphasis on cyber risk management across the public and private sectors, Jyan said. As a result, policies are being implemented to strengthen defenses in organizations across the board. The Legislature also passed the Cyber Security Management Act (CSMA), which took effect in January 2019 and put in place security management protocols for government agencies and essential businesses. The act lays out a three-pronged approach to warding off attacks encompassing cybersecurity maintenance plans, response mechanisms for security incidents and annual performance audits.
According to Jyan, CSMA has made great strides toward enhancing national security and protecting public interests while creating business opportunities for information and communication technology (ICT) suppliers. Given its ICT strengths and robust digital ecosystem, Taiwan is well positioned to expand its presence in the global cybersecurity market. A variety of digital security tools designed and produced by domestic companies are already widely used at home and abroad.
Emerging as a world leader in cybersecurity is Trend Micro Inc., which was founded in 1988 in the U.S. by Taiwan entrepreneur Steve Chang (張明正). With its global R&D center based in Taipei City, the company develops security software for more than 500,000 enterprises worldwide and has established strategic alliances with U.S. tech giants like Amazon.com Inc., Hewlett Packard Enterprise Co., IBM and Microsoft. It topped the Best Taiwan Global Brands 2020 list with an estimated brand value of US$1.64 billion, underscoring the critical role of digital security technology in the internet era.
Trend Micro showcases its latest threat defense products at Cybersec 2020 in Taipei. (Photo courtesy of Trend Micro)
“I applaud the government’s decision to include cybersecurity as one of the six core strategic industries,” said Bob Hung (洪偉淦), general manager of Taiwan and Hong Kong Business Unit at Trend Micro’s Taipei office. “Cybersecurity provides the foundation for all industrial sectors to grow their businesses and enable digital transformation.”
As ICT is adopted in an ever-growing number of fields ranging from business and government operations, manufacturing and medical services to physical infrastructure, the risks associated with cybercrime have correspondingly increased. In recent years, Trend Micro has handled about 700 cyberattacks against its 300 corporate clients in Taiwan alone. Damage is exacerbated by the fact that it takes an average of 518 days for victims to realize they have been attacked.
“No one is immune to cyberattacks,” Hung said. “Cybercrime is becoming costlier than ever before as technology permeates almost every aspect of our lives. We must take it seriously.” COVID-19 has further increased reliance on the internet and accelerated digital transformation. “The pandemic has consequently led to surging demand for security solutions,” Hung added.
Global Aspirations
Long-standing emphasis on high-tech development means Taiwan is well prepared to meet increased demand for information security. Jeff Hung (洪進福), general manager of Taipei-based CHT Security Co., sees the situation as a golden opportunity for homegrown companies to expand their target markets by going global. Established in 2018, the company is a subsidiary of Chunghwa Telecom Co., Taiwan’s largest telecommunications service provider. It offers security risk assessment and management as well as digital forensics for consumers, enterprises and government agencies, with its next-generation defense technologies receiving a U.S.-based Infosec Excellence Award and U.K.-based Infosec Quality Award.
Given the rapidly changing threat landscape, cybersecurity solutions providers like CHT must continuously evolve to keep apace. “The inclusion of cybersecurity in the six core strategic industries is a huge boon to those in the business,” Hung said. “The policy brings expanded government assistance with experimentation facilities, finance, talent cultivation, technology and regulatory frameworks.”
According to CHT’s Hung, public-private and cross-sector partnerships are also playing a crucial role in delivering results and meeting the policy’s objectives. “For our part, we’re ready to team up with other ICT companies to bring secure products utilizing entirely homegrown hardware and software components to the international market,” he said. “Through collaboration and strong government support, Taiwan is set to become a worldwide leader in cybersecurity.”
Write to Kelly Her at kher@mofa.gov.tw