As Central Asia increasingly integrates digital infrastructure into its national systems, the region is facing rising cybersecurity threats. With ransomware, phishing, and malware among the top global concerns, Central Asia’s still-developing cyber defences leave critical sectors—like financial institutions and national infrastructure—vulnerable. At the forefront of addressing these challenges is Thales, a global player in digital identity and security. In an interview with Tawney Kruger from Daryo, Christian Linhart, Sales Director for Austria, Central Eastern Europe, and the CIS region at Thales, outlined the company’s role in the region and the significant obstacles that still need to be overcome.
Thales operates in over 144 countries and has carved out a space in the cybersecurity market, bolstered by its recent acquisition of Imperva. Linhart pointed out that the acquisition has made Thales the sixth-largest cybersecurity vendor globally. However, this global footprint comes with both opportunities and challenges, particularly in regions like Central Asia, where cyber infrastructures are still maturing.
“We’re still in the early stages here,” Linhart admitted, acknowledging that Central Asia lags behind more established markets in Europe and North America. One of the key issues is the lack of unified regulations across the region.
“In this region, there is no common legislative framework… It’s hard to adopt something if there are no clear rules,” Linhart explained.
While some countries have made strides in adopting cybersecurity protocols, like the new regulation for protecting personal data in Kazakhstan, others remain without clear guidelines or enforcement measures, which makes establishing comprehensive security frameworks more difficult.
Despite these hurdles, Thales has made some headway, particularly within the financial sector. “About 90% of the financial institutions and banks are our customers,” Linhart said. But financial institutions alone are not enough to ensure broader cybersecurity across sectors.
The lack of enforcement, according to Linhart, is part of the problem. He drew a comparison to seatbelt laws in Austria in the 1970s: “People only started using seatbelts when they began being fined for not doing so. It’s similar with cybersecurity—until breaches have real consequences, many won’t prioritise security.”
Linhart also highlighted the human element as one of the biggest vulnerabilities in cybersecurity systems. “No matter how good the technology is, the human factor remains,” he said, pointing to poor cybersecurity practices and lack of training as major risk factors.
Thales, he explained, is focusing on identity and access management solutions to mitigate these risks, but that requires companies and governments to invest in more than just the latest technology—they need to foster a culture of security awareness.
A growing concern, not just in Central Asia but globally, is the rise of state-sponsored cyberattacks. Linhart acknowledged that ransomware, phishing, and malware attacks will continue to be top threats in 2024. The traditional approach of securing the perimeter is no longer enough, he argued: “You need to apply security more and more towards the data which is really relevant for you.”
In addition to these global cyber threats, cryptocurrency has introduced a new dimension to cybersecurity, particularly in regions like Central Asia where digital currencies are becoming increasingly popular. Linhart addressed the rise of cryptocurrency apps like Telegram’s TON in Uzbekistan, which have attracted a flood of users but raised concerns about data security.
“Cryptocurrencies take on a lot of personal data from their users,” Linhart said, noting that while some platforms integrate proper security measures, many do not. This has led to high-profile breaches where large amounts of cryptocurrency have been stolen.
“If you’re not protecting your data and especially your encryption keys, you’re exposed,” he explained.
The central problem, Linhart explained, is that users often mismanage their private keys, leading to irreversible losses when hackers gain access.
“It’s the same as locking your car but leaving the key on the roof” he said.
Thales offers hardware security modules (HSMs) that provide secure key management, which is critical in safeguarding cryptocurrency transactions and protecting against breaches.
A more pressing challenge looming on the horizon is the advent of quantum computing. While quantum computers are still in their early stages, their ability to perform complex calculations at unprecedented speeds threatens to undermine current encryption methods.
“A classical supercomputer might take years to break encryption, but a quantum computer could potentially do it in a day,” Linhart said.
This presents a fundamental shift in how organisations need to think about data security. Thales is committed to delivering solutions that support a Post-Quantum crypto agile strategy.
Linhart says,“We have been the first ones in the market who have the latest FIPS 140-3 Level 3 certification for our HSMs to which is required to run quantum-resistant algorithms in a secure environment.”
This technology is still in its infancy, but governments and companies are already preparing for the day when quantum computers will render traditional encryption obsolete.
In Central Asia, where digital infrastructure is still being built, Linhart argued that countries have an opportunity to “leapfrog” older security systems and adopt cutting-edge solutions like quantum-resistant encryption. However, he warned that unless there is stronger cooperation across borders and stricter enforcement of cybersecurity standards, the region will remain at risk.
As Central Asia’s digital landscape evolves, the region faces a unique set of challenges. Thales’ work in the region highlights both the potential for improvement and the gaps that remain. Without a concerted effort from governments, institutions, and the private sector, cybersecurity will continue to be an area of vulnerability. While companies like Thales can provide the tools and technology, the ultimate success of these efforts will depend on the region’s willingness to adopt and enforce robust security measures.
Comments (0)