14 minute read
Future Of Cybersecurity 2021 – Cybersecurity In The Next Normal
FUTURE OF CYBERSECURITY 2021 – CYBERSECURITY IN THE NEXT NORMAL CYBERSECURITY IN THE NEXT NORMAL
The conference addressed the main challenges surrounding cybersecurity preparedness, with case studies on real-life situations discussed, the management of these incidents and measures to prevent a recurrence, among other salient topics.
The Future of Cybersecurity 2021 was launched with a bang by Alex Loh, Country Manager of Fortinet and Organising Chairman of the event, and Danny Lee, Chairman of PIKOM, when they placed their palms on a sensor to initiate the launch gimmick.
WELCOME ADDRESS
by Alex Loh
In his welcome address, Alex shared that the last few months have been tough despite the recovery efforts, coupled with many uncertainties. He expressed that digital transformation had already begun way before the pandemic. However, with the acceleration of digitalisation, cyberthreats have also increased. Alex pointed out that cyberattacks increased in 2020 compared to 2019.
“Cyber resilience is more than just cyber security, it is about business continuity,” he explains. “Companies, government agencies, educational institutions and regulators are trying to rely more on digital services and stable connectivity. Above and beyond that, we need resilient cybersecurity measures to protect ourselves and the systems we use,” Alex adds.
He highlights that this year, the Global Cybersecurity Index ranked Malaysia at eighth place out of 194 countries globally. Alex explains that Malaysia has been successfully addressing cybersecurity because it has in place policies focused on deploying a solid national strategy, and the industry must continue to support these policies. For Malaysia to continue remaining strong, experts in this area are needed. He pointed out that in 2020, there was a shortage of over 7,900 cybersecurity experts in Malaysia, and this is expected to increase if nothing is done to address the issue. Alex explains that for this, collaboration is needed with the relevant government agencies and institutes of higher education to produce more cybersecurity experts.
Danny Lee
Danny explains that agility is key to implementing changes, while resilience is key to surviving the challenges faced in the constantly evolving business environment. He notes that disruptive technology has caused a significant rise in cybersecurity threats.
“Everything that has happened in the last 2 years has disrupted our ecosystem, our business operations, business strategies, and this has amplified the urgency towards transformation, and for companies and organisations to become more agile and resilient,” Danny explains.
He explains that companies are not only forced to reassess their priorities but also their mindsets. Now when companies are required to have their people work from home, this automatically means that “physical” has become optional. He highlights that the right technologies and systems are necessary to support the primarily digital workplace and workforce.
“In the post-pandemic world and amidst recovery efforts, there are implications on how best companies can perform and deliver. Digital transformation not only brings a company up to speed with today’s technologies, but also makes it vulnerable to security breaches. This results in cybersecurity itself to become a comparative differentiator,” Danny elaborates.
Danny points out that digital transformation and cyber resilience cannot be separated; while data protection has become paramount. He adds that we need a holistic cyber-resilience approach including measures to recover fast regardless of the size of the organisation. This is because cybercriminals are not concerned about the size of the company, and often go after those that do not have security systems in place. More than 8,500 cybersecurity incidents were reported this year alone which include data theft, spam, cyber harassment and fraud, among others. At the same time, more than 1.8 million malware infections were reported up to September this year. Danny highlights that while more organisations have taken measures to enhance cybersecurity and become more cyber-resilient, attacks have also become more sophisticated.
Danny explains that long before the pandemic the government had already been pushing for SMEs to be digitally enabled and technologically equipped to meet the demands of an increasingly connected world.
“PIKOM, representing the industry, has upped the ante by taking a step forward to promote cybersecurity awareness, establish international co-operation and also drive more local cybersecurity companies and industry players to improve their competitiveness,” he says.
“Cybersecurity is the No. 1 megaindustry trend that is going to shift industry and shape the economy as well and also playing its greatest role in many years to come,” Danny adds.
He points out that there is no-stopping cyberthreats as long as technology is accessible, borderless and continuously facing disruptions. “Malaysia as a country does have the potential ability to shape cybersecurity not only for our country but also offer our knowledge and capabilities regionally,” Danny explains. He adds that as long as we continue to form alliances, partnerships and collaborations, and as long as we are able to reach out to global players with similar interests, cybersecurity will remain as a leading subject within the digital economy.
CYBER THREAT LANDSCAPE
by Abbas Kudrati, APAC Chief Cybersecurity Advisor, Microsoft
Abbas touched on the latest threats observed by Microsoft and how it is mitigating the threats. He explains that Microsoft collects over 21 billion signals on a daily basis which are analysed using machine learning and artificial intelligence, and come up with trends such as which countries are being targeted, what kind of attack vectors are used, and techniques used by criminals.
Abbas points out that with no technical knowledge of how to conduct a cybercrime attack, an amateur threat actor can purchase a range of services to conduct their attacks with one click. He explains that the supply chain of the attack can be complicated and targets all kinds of sectors. Despite this, Abbas says that there are positive trends which include transparency which comprise the creation of laws, partnerships, collaborations and knowledge transfer to battle cyberthreats.
Abbas says that Microsoft has been engaged to address cyberthreats in various sectors such as manufacturing, insurance, agriculture and the government; and surprisingly, healthcare is also one of the top 5 targeted sectors for cyberattacks. He explains that Microsoft works with its clients in these sectors to limit the scope of damage and prevent future attacks. He advises that using a mix of technologies to deter attacks and slow them down will eventually tire cybercriminals and make them move away. He points out that the number one target for phishing and other malicious email, using various techniques, is the wholesale distribution chain, accounting firms and capital companies. He also cautioned against malware that is spread using search engines. He highlights five cybersecurity paradigm shifts that include the rise of digital empathy, the zerotrust journey, diversity of data, the resilience of business in association to cybersecurity and a greater focus on integrated security.
BUILD ZERO TRUST FOUNDATIONS
by Ahsim Nisar, APAC Cybersecurity Specialist
Ahsim says that the topic zero-trust foundations architecture is currently abuzz in the market. He highlights that attack services is cheap and that COVID-19 has brought about unexpected IT challenges which include a sudden spike in the need for remote access to apps; on premises VPN scalability constraints; a surge in demand for most of the workloads and the need for new apps and websites; and, bad actors exploiting the pandemic and increase in attacks. Also, there has been an increase in the importance for high availability, protection and performance for applications, and a huge spike in the usage of cloud native offerings.
Zero-trust architecture has become important due to IT security complexities, ‘trusted network’ security strategy, assets increasingly leaving the network, and attackers shifting to identity attacks. Ahsim points out that zero-trust architecture has been around for a while. However, there has been slow mainstream adoption for both network and identity models. He advises to increase security assurances for critical business assets with security enforcement policies. He highlights that zero-trust starts with securing the people and the devices they use to get work done because 80% of breaches involve the use of lost or stolen passwords and 60% of BYO devices are not secured by IT.
Migrating to a zero-trust security model allows organisations to simultaneously improve security over conventional network-based approaches and better enable users where and when they need to access. A zero-trust model requires signals to inform decisions; policies to make access decision; and, enforcement capabilities to implement decisions effectively. Ahsim also talks about the zero-trust maturity model which involves the traditional stage whereby most organisations are today; the advanced stage, where organisations progress with hybrid identity, access policies, secured devices, protected networks and cloud, and the use of analytics; and, the optimal stage, whereby organisations have made large improvements in security.
Zero-trust implementation is currently at 76% across the USA, Japan, Australia, New Zealand and APAC. Ahsim explained that the barriers to zero-trust implementation include resource challenges, leadership, technology challenges, lack of the right vendors and budget constraints.
CONVERGENCE, THE FOURTH UTILITY, AND THE IMPORTANCE OF A ROBUST PHYSICAL INFRASTRUCTURE
by Frank Straka, Director of Business Development, Enterprise, Panduit
Frank talks about the trends in convergence and infrastructure involved. He notes that systems keep converging and that there are new areas for cybersecurity threats to target. Hence, it is critical to protect systems. For this, physical infrastructure is key. In talking about the trends in convergence, he highlights that the impact of COVID-19 includes truly enabling the hybrid office, and making the office somewhere you want to go with smart buildings, customised settings and a better building experience with convergence. The benefits of converged network and smart buildings include reduced provisioning costs with shared resources, reduced use cost with less networks to administer and maintain, and flexibility. Meanwhile, smart
buildings offer simple and flexible settings.
In naming the network as the fourth utility aside from electricity, water and gas, Frank points out that the network has become a necessity that can provide data and power, for which a robust cabling infrastructure is needed. He highlights that a highquality infrastructure is crucial to reduce downtime. Frank explains that the future of convergence includes single pair ethernet which is expected to be adopted starting from 2022.
REIMAGING ENTERPRISE CYBERSECURITY AND MANAGING RISK
by Goh Chee Hoh, Managing Director, Trend Micro Malaysia and Nascent Countries
Goh says that in digital transformation, there are several concerns that organisations face which include surrendering security control to users working from home; whether or not security solutions are built for cloud applications; and, striking a balance between IT security and operations. Today, digital transformation encompasses omni-channel, IoT, augmented reality and hyper-personalisation to drive customer experience and revenue. Goh pointed out that in 5 years, 25% of malls will be gone and that mobile payments will hit USD1 trillion in 2020. Mobile, blockchain and big data AI is expected to drive customer engagement at a lower cost. Meanwhile, automation, robotics and AI is set to improve efficiencies and operations in unsafe working environments, while also reducing planned outages by 50%. Digital transformation is also delivering digitally-enabled tools for diagnosis, treatment and management of illnesses, while also preventing up to 95% of adverse drug events.
Goh pointed out some of the most worrisome risks for organisations with the top three being a prolonged recession of the global economy, a surge in bankruptcies and a wave of industry consolidation, and cyberattacks and data fraud due to a sustained shift in working patterns. According to the Cyber Risk Index in 2021, the top risks include loss of data, shortage of qualified personnel and organisational misalignment and complexity. It was found that 71% of organisations had at least one breach involving customer records and 71% had 7 or more breaches. Goh highlights that with diverse digital platforms comes a broader attack surface and new vulnerabilities.
Talking about Trend Micro’s security platform, Goh highlights the optimised enterprise threat defence the company offers comprising the Trend Micro Vision One ecosystem offering the Trend Micro Cloud Nine, Trend Micro Network One, Trend Micro Apex One and Trend Micro Service One. The platform offers smart, layered security that maximises protection. Today, Trend Micro is the global leader in Intrusion Detection and Prevention Systems (IDPS) based on revenue between 2019 to 2020, at 23.5% market share.
THE STATE OF RANSOMWARE IN MALAYSIA – DÉJÀ VU IN THE NEXT NORMAL
by William Phuah, Director of Product Marketing for Security, Sangfor
William explained that Sangfor has spent more than 4,000 manhours conducting investigations into ransomware and breaches, and has identified 6 common gaps. The company has delivered more than 8 solutions through in-house developed applications to address common security gaps identified from the investigations. To-date, 10 industry leading sectors have required their services and 12 countries have benefitted from its services.
A key observation the company has made during its investigations include the lack of good security control in many organisations. He highlights that ransomware now comes in packages that make it easier to attack organisations. Goh highlights that cyber attacks are leveraging AI to be more intelligent and more efficient, ensuring high hit rates and more devasting results, which include almost guaranteed pay out and double extortion. Nowadays, ransomware is also targeting backed up data.
Sangfor provides a holistic anti-ransomware solution that encompasses cyber command and security services features, complemented by neutral X-cloud threat intelligence and analytic platform, Sangfor NGAF, Endpoint Secure, Engine Zero AI-powered malware detection engine, and Sangfor HCI solution to build backup infrastructure. One of Sangfor’s key approaches to stopping ransomware is the Ransomware Honeypot which carries out network-wide malware hunting and one-click mitigation. In
detecting and blocking propagation, William explains that the NGAF and Endpoint Secure solutions carries out suspicious traffic isolation, among other interventions.
William said that early indicators of a ransomware attack typically include suspicious traffic behaviour, repeated suspicious failed login attempts, illegitimate network scanner traffic, presence of known attack tools, and unauthorised access to critical servers. He explains that Sangfor Security Service provides pre-attack, midattack and post-attack solutions.
CYBERSECURITY COLLABORATION WITH ASEAN
The session featured distinguished speakers from Japan and was moderated by Ruy Hayashi, Director of OMC Incorporated
Nobuhiro Watanabe, Counsellor for International Strategic, NISC addressed the issues and direction of Japan’s Cybersecurity Strategy 2021. He shared that ASEAN-Japan Cybersecurity Policy Meeting is a framework of Cybersecurity Authorities among ASEAN member states and Japan for promoting cybersecurity policy cooperation. The meeting encouraged joint efforts in creating a secure business environment, building a secure information and communications network, and enhancing capacity for cyber security. He highlighted that NISC coordinates cybersecurity cooperation.
Koji Nakao, Advisor of Cybersecurity for the Cabinet Secretariat in the Japanese government touched on the trend of cybersecurity threats and national security measures including ASEAN support. He explained the types of malware commonly encountered, malware infection behaviour, and Darknet monitoring. He shared that many IoT devices are already infected by malware. Koji also explained about DRDoS attacks and security measures to monitor these attacks. He shared that starting February 2019, MIC and NICT, in cooperation with ISPs, have been carrying out “Notice” project to survey vulnerable IoT devices, and to alert users to any problems found. National security measures to address malware include research and development on IoT malware removal or nonfunctionalisation technologies for effective use of the radio spectrum. Other measures include virtual workshops, collaboration with ASEAN countries and cooperation with domestic and overseas organisations.
Seiichi Ito, Deputy Chairman of the International Committee, JISA shared on the topic of All for One and One for All in ASEAN Cybersecurity. He said that the Japanese cabinet approved the Cyber Security Strategy Policy to actively promote international cooperation. JISA’s vision is to overcome language and cultural barriers for international exchange of products, information, business and human resources. JISA also hopes to create opportunities for overseas members to get training in Japan, to encourage active exchanges, while also driving the sharing of best practices as well as to initiate industry-government-academia collaboration and unification.
PANEL SESSIONS
The first panel session featured 5 distinguished speakers who shared their thoughts on cybersecurity in the next normal from the perspectives of people, process and technology. The panel session was moderated by CF Fong, CEO of LE Global Services Sdn Bhd; while the speakers included Sivanathan Subramaniam, Deputy Director (Risk Specialist), Cyber and Technology Risk Specialist Unit, Bank Negara Malaysia; Victor Lo, Head of Cybersecurity, Malaysia Digital Economy Corporation (MDEC); Eric Foo, Vice President, Hitachi Sunway Information Systems; Sandy Woo, Country Director, CA Technologies; and, Kenneth Lee, Technical Manager, Westcon-Comstor Asia.
The second panel session featured a discussion on cybersecurity in the next normal from the perspectives of CIO and CISO. The session was moderated by Jason Yuen, Partner, Technology Consultant, EY. The speakers for the session comprised Muhd Dawud Saifullah, Head of Cyber Security, Maxis; Eznurein Hazri, Executive Vice President & Head of Group Information Services, Ambank; Abid Adam, Group Chief Risk & Compliance Officer, Axiata; and, Alan See, CEO and Co-founder of Firmus.
