Close this search box.

We are creating some awesome events for you. Kindly bear with us.

An Intelligence-driven modern SOC is essential to operate effectively in the current cyber landscape

In the light of the pandemic and remote working becoming the new norm, the cybersecurity landscape has changed dramatically. Especially in the essential services industries like healthcare, governments, telecom, etc. that did not get any respite during the last few months. In fact, agencies and organisations in these sectors were working increasingly and incessantly to ensure the well-being of citizens/consumers.

Due to the increased pressure on these services and remote working, these organisations and industries have become an easy target for bad actors in cyberspace. Therefore, constant monitoring and quick recovery from these attacks is the urgent need of the hour. Understanding the sensitivity of this topic OpenGov Asia organized a second of the Virtual breakfast insight series in collaboration with Kaspersky on 14 August 2020: Intelligence Driven Modern SOC: A Future-ready Outfit.

In this exclusive session, delegates who participated came from a wide range of public sector industries in Thailand. They were eager to better understand how the Thai government is planning to deal with the heightened cybersecurity risk.

Empower the workforce to thrive during these times

Mohit: Empowering the workforce is critical in these dire time

The event was opened by Mohit Sagar who highlighted the fact that the pandemic made us all re-think our position as individuals and organizations.

In the past few months, hacking and phishing attacks have become more prevalent than before. Compounded with the compulsion of remote working,  people and organisations have been exposed to several vulnerabilities.

He emphasised that quick-response to attacks and constant surveillance of the organizational cyberspace with a Security Operations Centre within the organization is almost a necessity to operate effectively during these tough times.

He concluded his presentation by stressing that in order to thrive in these times, organisations need to empower their workforce with the right knowledge and resources and collaborate with partners who champion cybersecurity.

Cyber defense as critical as Cyber innovation

After Mohit, Genie Gan, Head of Public Affairs and Government relations APAC for Kaspersky. She began by stressing the crucial role that governments play in times of crisis.

Genie: Cyber defence is as important as cyber innovation

Furthering the points highlighted by Mohit, Genie shared her observations of how the bad actors are capitalising on the chaos.

She shared interesting facts about the security threat landscape in Thailand during the last few months. Her data showed that 6,067,924 web threats were blocked in Thailand from January to June 2020. Around 85,384 ransomware samples were detected by the Kaspersky solution in Thailand at the same time.

It was astonishing to know that more than 2-in-10 Thai Users were almost infected by web threats.

Keeping in mind the state of affairs in the Thai cybersecurity landscape, Genie emphasised that digital defense is as critical as digital innovation for any government that is aiming to digitally transform the nation.

She concluded by sharing a four-pronged approach to addressing cyber threats and validated each point with an example/ success story from the APAC region. They are as follows:

  • Threat Information Sharing
  • Engaging the community through public-private partnerships
  • Investing in education and creating awareness
  • Promoting transparency
John: How to be prepared to effectively handle a cyber threat incidence

After Genie’s insightful presentation Dr. John Kan, Chief Information Officer at the Agency for Science and Technology research shared his thoughts and perspectives on the issue at hand.

What you do during a threat incident is as important as planning for it in advance

Dr. Kan began by sharing the basic operating principles of SOC at his organisation. He shared the 4 stages of the ICT and Data incident Management process which include:

1) Pre-incident preparation

2) Detection and Analysis

3) Response and Remediation

4) Post-incident Enquiry

He then elaborated on the response plan in case of an IT security incident as he shared that no matter how much you prepare for an incident what you do in the advent of a real threat is very critical. He also elaborated on each of the steps involved in the response plan I.e. identification, containment, investigation, and recovery.

Since incident management is so critical to running smooth operations, he also shared some tips to enhance readiness in the process. These tips include:

  1. Form an incident management team
  2. Establish an incident management process
  3. Be conversant with the process
  4. Conduct incident management exercises
  5. Empower your team
  6. Stay relevant

He concluded by pointing 4 success factors that need to be perfected in order for an organisation to operate in a fully safe and secure environment.

  • Keeping people informed and educated
  • Having a well-defined incident response framework
  • Upskilling and Reskilling in SOC
  • Having Cyber insurance

After John Kan’s powerful presentation, the session became more interactive through the polling questions with the delegates sharing their personal insights and comments.

On the first question of what your primary IT security spending is for, the majority of the audience voted for SOC technologies (SIEM, Threat Intelligence, SOAR) (47%).

On this, a senior director IT security from a public organisation shared that he voted for the above option as his organisation is heavily investing in it mainly due to legacy reasons. But he also shared that people are still the weakest link in the security framework and need investment.

On the next question of how you stay ahead of the latest security updates and threats, our audience was split between, from vendors as part of product acquisitions (43%) and from threats intelligence reports subscription (47%).

A senior IT executive from another government agency shared that in his opinion getting updates from the vendors is the fastest and most effective way of getting updates as they are experts.

On the final question of how you plan to prevent cybersecurity attacks, our delegates voted for: engage security assessment services (42%).

Another delegate from a government agency shared that if she voted for security assessment services as if an organization is starting off in this direction, this is a good step as it is easy to propose and initiate.

The polling results from the healthcare session being displayed simultaneously were good eye-openers for our delegates.

After the polling session, Victor Chu, Head of System Engineering, SEA- Enterprise Cybersecurity from Kaspersky came forward to close the session. He shared some insights about Kaspersky threat intelligence and the kinds of threats that have been prevalent over the period of the last 4 months. He also briefly highlighted the needs of threat intelligence and how Kaspersky can help provide those solutions.

Our delegates took away valuable information around the current cybersecurity landscape and the solutions to protect them.


Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.


As a Titanium Black Partner of Dell Technologies, CTC Global Singapore boasts unparalleled access to resources.

Established in 1972, we bring 52 years of experience to the table, solidifying our position as a leading IT solutions provider in Singapore. With over 300 qualified IT professionals, we are dedicated to delivering integrated solutions that empower your organization in key areas such as Automation & AI, Cyber Security, App Modernization & Data Analytics, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Renowned for our consulting expertise and delivering expert IT solutions, CTC Global Singapore has become the preferred IT outsourcing partner for businesses across Singapore.


Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit


SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.


HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 


IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.