In a recent interview, James Tan, the Associate IT Director at Temus, a powerhouse in the cybersecurity and information systems sector in Singapore, shed light on the company's robust strategies to safeguard digital assets and their journey to achieving the prestigious ISO 27001 accreditation. This comes at a pivotal time when the nation is steering towards becoming a smart nation, with Temus positioning itself as a frontrunner in this transformation.
James emphasized the critical role Temus plays in safeguarding not only their client's digital assets but also the organization's. "Would you put your money in the bank if the vaults were not secured with alarms and passwords?" he questioned, highlighting the gravity of the responsibility they bear. He noted that their clientele, primarily comprising public sector companies, demands stringent security measures to protect the public's interests, including safeguarding confidential personal, medical, and financial information.
The recent acquisition of the ISO 27001 trust mark by TUV SUD has significantly bolstered the confidence of their clients in Temus' capabilities. This certification, James remarked, has not only fortified existing partnerships but also set them apart from competitors, attracting potential clients who prioritize security and reliability in their digital transformation journey.
Discussing the arduous process of obtaining the ISO 27001 accreditation, James recounted the immense support from the senior management, who allocated essential resources to facilitate the initiative. Despite the challenges of implementing theoretical designs into daily operations and meeting tight deadlines for internal audits, the IT team at Temus triumphed, showcasing their resilience and dedication.
James elucidated that the ISO 27001 standard serves as a beacon, guiding companies to establish and continually enhance their information security management system, thereby mitigating risks associated with security breaches. This framework has enabled Temus to automate various processes, significantly improving threat detection accuracy and reducing manpower costs.
It's also imperative to ensure that AI tools are in alignment with ISO 27001. When addressing AI security, ISO 27001 serves as a valuable framework to ensure the robust protection of AI systems.
James emphasized how he is working with the Data and AI team at Temus to meet AI Powered Threats, but also to give them the freedom of experimentation with new tools. "The IT world is constantly evolving, and this rapid change extends beyond just AI. I've observed how IT work methods are changing faster than anything else, and there are always new standards and governance frameworks emerging to adapt to this new era. We are certainly reaching a midpoint where we need to balance the security of our systems with the freedom to adopt AI tools," explained James.
Reflecting on the company's journey since its inception two years ago, James highlighted the exponential growth Temus has experienced, with a workforce now exceeding 250 employees. The CEO, KC Yeoh, envisions a five-fold growth in the coming years, a testament to the company's ambitious vision. The implementation of ISO 27001 has revolutionized their operations, offering a 360-degree view of the organization's security health and identifying potential threats early on.
To maintain a high level of security across all departments, James mentioned that they have instituted controls within systems and processes to prevent complacency and shortcut approaches to information security. Mandatory training sessions have been introduced as part of the onboarding process to foster optimal user behaviour when handling sensitive information. "Even if we possess multi-million-dollar security tools, a single user who isn't adequately trained can inadvertently cause a security breach. In my view, prioritizing employee training is essential for securing the company," adds James.
Looking ahead, James revealed that the team at Temus is gearing up to explore new technologies and areas of experimentation to further enhance their information security practices. They are keen on expanding their strengths and building better capabilities, with plans to explore ISO 9001 and initiate workshops on information security management. James believes that new-era technology emerges from dreams, ideas and experimentation. By providing a development environment for users to conduct their experiments, he thinks they can secure their live environment while instilling confidence in Temus's clients regarding security.
In conclusion, James emphasised the continuous and laborious effort required to build and maintain robust information security systems. He stressed that information security is a collective responsibility, with the team at Temus serving as the first line of defence in cyber resilience. This insightful conversation with James Tan not only underscores Temus' commitment to safeguarding digital assets but also paints a promising picture of Asia Pacific's journey towards becoming a smart region, with Temus at the helm steering the way forward.