Search
Close this search box.

We are creating some awesome events for you. Kindly bear with us.

Current cybersecurity landscape demands a robust, intelligence-driven Security Operations Centre

After engaging in rich discussions on the need to have more robust, technology-driven cybersecurity systems with delegates from the healthcare and public sector industry, OpenGov Asia set out to get the telecom industry’s take on it.

On 26 August 2020, OpenGov Asia hosted an OpenGovLive! Virtual Breakfast Insight to discuss the relevance of a Security Operations Centre from the perspective of the telecom industry across ASEAN.

The session, Intelligence Driven Modern SOC: A Future Ready Outfit, had delegates from all major telecom companies from Malaysia, the Philippines, Thailand and Indonesia.

Mohit: Organisations must make sure their cybersecurity systems are robust and up-to-date with the latest technology

To set the tone for the discussions, Mohit Sagar, Group Managing Director and Editor-in-Chief, OpenGov Asia opened the session by highlighting the unpreparedness of individuals and organisations when the pandemic hit the world.

The magnitude of the strike was beyond what anyone or any organisation could have imagined; it has made the world push boundaries in everything that was done and that needed to be done.

In the midst of this global disaster, bad cyber actors are becoming increasingly sophisticated – making it inevitable for organisations to ensure their cybersecurity systems are robust and up to date with the latest technology.

Mohit advised delegates to not just respond to the pandemic and recover from it but also plan to thrive during these testing times. The key to this is empowering and educating employees and finding the right partners to guide organisations on their cybersecurity strategy.

Alliances must be forged with those who are already thinking ahead in the cybersecurity landscape and who can help the industry thrive through these times with suitable solutions.

After Mohit set the stage for the discussions, Vitaly Kamluk, Director, Global Research and Analytics team, APAC, Kaspersky shared his expertise on the topic.

Vitaly: There’s a significant rise in the type and frequency of cyber threats this year

Vitaly began by highlighting the significant rise in the type and frequency of cyber threats this year as a result of the new norm of remote working.

Being an expert in the field and having been observing the cyberattacks throughout the year, Vitaly shared some interesting facts and findings.

Over the last few months, bad actors in cyberspace have been more focused on creating sophisticated targeted strikes rather than mass threats and attacks.

A major reason for this is it helps them get more ransom money without unnecessary (wide) exposure. He substantiated his reasoning by citing data of malware attack trends in 2020.

He also shared some recent cases of targeted attacks and the possible actors behind them in the telecom industry in Thailand and Hong Kong. It was eye-opening to note the kind of techniques the attackers have access to – emphasising the need to be secure even more urgent.

Vitaly concluded by pointing out another kind of targeted attacks that have become prevalent in the last few months: Ransomware.

Big companies have been compromised and blackmailed by these kinds of attacks that involve a three-stage process: 1) Infiltrate and Steal 2) Encrypt and Extort 3) Publish and Shame.

He urged the delegates to be vigilant about these threats and report any such instances rather than keeping it to themselves.

Nazri: Move from reactive to proactive security operations

After Vitaly’s informative presentation, Mohd. Nazri Bin Zawawi, Head Strategy & Governance, Group Information Security, Telekom Malaysia shared his keen insights on the subject at hand.

Nazri began by sharing his organisation’s mission, which is to make lives and businesses easier, for a better nation. He spoke with the delegates about his organisation’s experience on their journey and motivation for venturing into an intel-driven SOC.

He explained the various drivers that lead them to venture on this journey:

  1. shift from a reactive to a proactive security approach
  2. Reduce business risk before it explodes
  3. Be ready for security challenges with new technology like 5G, IoT, etc.
  4. Benefit from the multiple sources of threat intelligence
  5. Increase productivity by automating routine tasks
  6. Reduce dependency on external service providers and improve lead time for security mitigation actions

In the same vein, he also shared how the implementation of the Intel-driven SOC played out over the years for his organisation.  During the implementation process, they had to overcome a number of challenges like high investment cost, resource crunch, changing priorities, data integrity issues, etc.

In conclusion, he advised the delegates to plan for all these challenges well in advance to be able to overcome them quickly and effectively.

After the enlightening presentation by the speakers, it was time for the interactive polling session to engage the virtual audience.

On the first question about the primary cybersecurity concern of your organisation, a majority of the delegates voted for targeted attacks (46%).

The head of cyber defense from a major telecom company in Malaysia shared that he thought targeted attacks are the biggest threat right now because ransomware or any other kind of threat mentioned in the question do not happen without infiltration or a breach. Once the infiltration or the breach happens, it becomes a major concern as it can pave way for many other kinds of threats as well.

On the next question about primary IT spending in your organisation, half of the audience voted for SOC technologies (SIEM, Threat Intelligence, SOAR) (50%).

On this, a Chief Information Security Officer from a telco company in the Philippines reflected that he voted for SOC technologies based on numbers and not on importance. He believes that all the given options should be high in priority and require investment, but the biggest chunk goes into SOC technologies. That is because the SOC comprises of not just one or two technologies but various distinct technologies.

On the final question of planning to proactively prevent cybersecurity attacks, the delegates were equally split between deploy threat intelligence (44%) and engage security assessment services (44%).

A senior executive from a telecom company in the Philippines reflected that they actually have a mixed system of getting feeds from a third party along with an internal team to do the intel within the organisation. Thus, they follow a more hybrid system.

Victor Chu: Partner with Kaspersky on your SOC journey

After the polling session, Victor Chu, Head of Systems Engineering SEA- Enterprise Cybersecurity at Kaspersky addressed the delegates with closing remarks.

Victor began by throwing light on what the current threat landscape is looking like. He explained that commodity threat, advanced threat and targeted threats are all on a rise. He then went on to explain what threat intelligence is and why it is important in today’s time.

Victor concluded by letting them know that Kaspersky was always willing to partner with them for their cybersecurity needs. He encouraged them to reach out to their regional representatives to see how Kaspersky could assist them on the SOC journey.

PARTNER

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

As a Titanium Black Partner of Dell Technologies, CTC Global Singapore boasts unparalleled access to resources.

Established in 1972, we bring 52 years of experience to the table, solidifying our position as a leading IT solutions provider in Singapore. With over 300 qualified IT professionals, we are dedicated to delivering integrated solutions that empower your organization in key areas such as Automation & AI, Cyber Security, App Modernization & Data Analytics, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Renowned for our consulting expertise and delivering expert IT solutions, CTC Global Singapore has become the preferred IT outsourcing partner for businesses across Singapore.

PARTNER

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.