Koo told Defence Connect that the thinking around cyber security had changed dramatically over the past decade.
"It's really quite interesting: when [the term] cyber security first became coined about 10 years ago, the focus was all on malware. It was all on attackers from the outside,” he said. “It was all on hackers trying to get in and break through the firewall, or break through the perimeter to get inside organisations."
While this perimeter or sentry-based focus had still been in vogue in cyber security for the last several years, Koo said he had noted a shift in awareness and emphasis more recently.
"In the last three years, I guess, the realisation [has been] that it's all about people," he said. "It's about a people-centric approach to security because we've done a lot to protect our perimeters, but now the perimeters are eroding. Everyone is mobile, everyone is on a mobile device."
Koo said the defining feature, both of the general threat landscape and the associated potential defence solutions centred in large part on harnessing the power of interconnectivity.
"People are connecting to networks all over the place," he explained. "Not just for Defence, but for any organisation that's out there looking to protect their people [and] data – whether it be shareholder data, intellectual property [or] whether it be personal data about citizens that are out there.
"It's not just about stopping the hackers and malware, it's also about teaching our people inside the organisation that touch the data legitimately and do things on the network. It's teaching them how to do things the right way so they don't unnecessarily open up vulnerabilities."
Finally, Koo also underlined the importance of realising the brief involved in combating the spectre of increasing cyber attacks now pervaded all levels of staffing within organisations.
"If we train our people right, it's not [just] the responsibility of someone that you hire in a security role," he underlined. "Let's say, if you're a big bank and you hire a chief information security officer and you say, 'it's their job and their teams’ job to manage the bank's security'.
"That's the wrong approach, it's everybody's job."
To hear more from Mohan Koo, stay tuned for our exclusive podcast.