- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
OpenGov recently spoke to Kamal Brar, Vice President and
General Manager of APAC/ME, Hortonworks
about how governments can strike a balance between enabling the data economy and mitigating risks for citizens and businesses. Mr. Brar also talked about the impact of trends like cloud
and IoT and the implications of privacy protection regulations.
Founded in 2011, Hortonworks is a leading provider of big
data platforms for capturing, storing, processing and analysing data.
What are the most
important trends you see currently in the use of big data by governments in the
ASEAN region, in Singapore and in other countries?
The ASEAN region is rapidly moving towards a
digitally-enabled economy, with the ASEAN ICE Masterplan 2020 (AIM2020). The
plan encompasses eight strategic thrusts that focus on enabling an innovative,
inclusive and integrated ASEAN community.
On this front, big data plays a central role in enabling
innovation for ASEAN governments – starting with supporting open and big data
application development.
The major trend we’re seeing across most ASEAN governments
is the development of guides and applications for open and big data.
Singapore
and Malaysia have already taken steps to establish forums or platforms for the
private sector to share big data developments, and the other governments are at
varying levels of implementing similar strategies.
What has been the
impact of developments like migration to cloud and proliferation of IoT devices
for public sector data?
The capacity the Internet of Things (IoT) has to connect
devices and gather previously unimagined amounts of information has led to an
explosion of new kinds of data that’s opening up tremendous opportunities.
Meanwhile, cloud-computing plays a critical role in harnessing data produced
from billions of connected devices because of the flexibility and elasticity of
the platforms. Together, the convergence of these two trends provide a unique
opportunity for companies to rapidly ingest, process and analyse data to
generate actionable insights and provide improved services – across a wide
range of public sector services.
One example of its use in the public sector from the United
States is the MITRE
Corporation, a non-profit organisation that operates multiple federally
funded research and development centres including the Center for Advanced
Aviation System Development (CAASD),
which serves the public interest by advancing the safety, security, effectiveness,
and efficiency of aerospace in the United States and around the world.
The CAASD continuously ingests, stores and analyses massive
amounts of detailed flight data from a variety of sources and enriches it with
other data, such as: pilot and air traffic controller voice recordings, weather
data and terrain maps. Storing this data both in the cloud and on-premise, the
team has created derived data products.
With flight data, combined with data from hundreds of
different surveillance sensors, the team can now create logical “flight
stories” for any growing number of specific flights. The derived data products
are continually stored to enable historical analyses; the archive of flight
stories currently spans more than five years. All of this visibility helps to
identify systematic risks across the National Airspace System and develop
mitigation measures with airspace users, such as controller training
improvements or changes to operational procedures.
What are the
challenges faced by the public sector in unlocking the maximum potential of
data? How can they overcome those challenges?
The primary challenge for the public sector is balancing the
demands of citizens and enterprises in unlocking the potential for data, while
putting in place the necessary regulations and contingencies to mitigate risk
for citizens and businesses.
Simply put, the pace of technology innovation has continued
at a furious rate putting pressure on regulatory measures and with the
ever-increasing threat landscape, it is imperative that governments have
implemented security measures to protect the data for their citizens and
economy at large.
Another key challenge is the acute skills shortage in the
ASEAN ICT sector, which is preventing enterprises from rapidly adopting data
initiatives.
For both these challenges, partnerships between the public
and private sector can play a huge role – not only in outlining and
implementing data regulations and identifying security risks, but tapping on
the private sectors’ expertise in training and skills development for future
generations of data scientists.
In the context of the
broader economy, what role can the government play in development of a digital
data-driven economy?
In the digital economy, the government must play the dual
role of regulator and driver of data initiatives. From an authoritative
standpoint, it is critical that the government outlines the regulations for
data usage in terms of governance and security to ensure the safety of its
citizens and the wider economy. However, this must be done with the view of
enabling the data economy – through open data platforms and initiatives,
encouraging innovation and application of big data for new services. It is a
delicate balance to walk but one that must be achieved to fuel the economies of
the future.
What are the
implications of privacy protection regulations like GDPR (General Data Protection Regulation) or Singapore’s PDPA (Personal Data Protection Act) on
the collection, sharing, analysis of data for organisations in the private or
public sectors?
We live in an age where data misuse is at an all-time high,
but GDPR and Singapore’s PDPA hand significant power back to the consumer. It
strengthens the rights of individuals to control their own data. The regulation
demands that businesses make their digital operations more consumer-focused and
responsive. The penalties for non-compliance to GDPR regulations are
substantial and organisations should be putting plans in place to meet the
regulations. This can also be seen as an opportunity for businesses to enhance
their existing systems by focusing on a comprehensive digital strategy, which
fosters innovation while protecting data for citizens and consumers.
- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have teamed up to release a comprehensive guide aimed at bolstering cloud security measures for organisations. Titled “Top Ten Cloud Security Mitigation Strategies,” this initiative aims to equip cloud customers with essential practices to enhance the security of their data as they migrate to cloud environments.
In an era where digital transformation is accelerating, the migration of data and operations to cloud platforms has become commonplace. However, this transition brings with it a myriad of security concerns, as evidenced by the increasing frequency of cyberattacks targeting cloud infrastructure. Recognising the critical need to address these challenges, the NSA and CISA have collaborated to compile a set of ten cybersecurity information sheets (CSIs), each focusing on a different aspect of cloud security.
One of the primary themes emphasised in the report is the importance of upholding the cloud-shared responsibility model. This model delineates the responsibilities between cloud service providers and their customers regarding security measures. By understanding and adhering to this model, organisations can ensure that they are taking appropriate steps to safeguard their data within the cloud environment.
Another key area highlighted in the report is the implementation of secure identity and access management practices. Proper management of user identities and access controls is essential for preventing unauthorised access to sensitive data stored in the cloud. Through robust authentication mechanisms and access policies, organisations can fortify their defences against potential security breaches.
In addition, the report emphasises the critical importance of implementing secure key management practices, robust encryption mechanisms, and effective network segmentation strategies within cloud environments. These measures play a pivotal role in protecting data both when it is stored and when it is being transferred, thereby reducing the likelihood of data breaches and unauthorised interception.
Furthermore, the report highlights the significance of securing data throughout its entire lifecycle in the cloud. This includes implementing stringent security measures for data storage, processing, transmission, and disposal. By doing so, organisations can effectively protect their data against a wide range of evolving threats.
Another critical aspect covered in the report is the defence of continuous integration/continuous delivery (CI/CD) environments. As organisations increasingly adopt DevOps practices and automate their software development processes, securing CI/CD pipelines becomes paramount to prevent the introduction of vulnerabilities and malicious code into production environments.
Moreover, the report emphasises the enforcement of secure automated deployment practices through infrastructure as code (IaC). By treating infrastructure as code and automating deployment processes, organisations can ensure consistency, repeatability, and security in their cloud environments.
The complexities introduced by hybrid cloud and multi-cloud environments are also addressed in the report. As organisations adopt hybrid and multi-cloud strategies to meet their diverse needs, they must navigate the unique security challenges posed by these environments effectively.
Additionally, the report highlights the risks associated with managed service providers (MSPs) in cloud environments. While MSPs offer valuable services and expertise, organisations must be vigilant in vetting and managing their relationships with MSPs to mitigate potential security risks.
The report stresses the importance of managing cloud logs for effective threat hunting. By aggregating and analysing logs generated by cloud services, organisations can proactively identify and respond to security incidents before they escalate.
The “Top Ten Cloud Security Mitigation Strategies” initiative by the NSA and CISA provides invaluable guidance to organisations seeking to enhance the security of their data in cloud environments. The NSA and CISA envision these strategies as foundational advice that every cloud customer should follow to mitigate the risks associated with cloud services. By implementing these strategies effectively, organisations anywhere can mitigate risks and bolster their defences against cyber threats in an increasingly digital landscape nowadays.
- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
In the era of digital transformation, the hybrid cloud has become a crucial driver for organisations striving to navigate and thrive in a rapidly evolving environment. The adoption of advanced technologies such as big data analytics, machine learning, and artificial intelligence empowers businesses to leverage innovation and enhance their decision-making processes. This paradigm shift underscores the importance of hybrid cloud in enabling organisations to adapt to change, drive growth, and remain competitive in today’s dynamic business landscape.
Executives surveyed by HPE support the idea that a hybrid cloud strategy represents the optimal blend of technologies for achieving their company’s goals. According to their findings, 91% of organisations are currently implementing this operational model to some extent. Among these organisations, 33% utilise a combination of private and public clouds, while 31% leverage a mix of private and public clouds along with on-premises infrastructure.
Global enterprise leaders emphasise that a hybrid cloud approach offers unparalleled flexibility and control, allowing organisations to tailor their operations to suit their specific needs. This approach also facilitates seamless integration, enabling businesses to develop digital products and services with agility and efficiently move data across different environments. These capabilities are instrumental in driving business growth, creating new revenue streams, and facilitating the integration of acquired companies by transitioning their existing legacy on-premises systems into existing cloud components.
Similarly, Singaporean enterprises and organisations have demonstrated a solid commitment to technological advancement by widely adopting cloud strategies. Recognising the importance of flexibility and scalability in today’s digital era, they have embraced hybrid cloud solutions to seamlessly integrate on-premises infrastructure with public and private cloud services, enabling them to optimise their operations.
The strategic objectives driving Singapore’s embrace of hybrid cloud, including enhancing operational efficiency, facilitating digital transformation, and capitalising on emerging opportunities, highlight the importance of a well-defined plan for successful implementation. Without this strategic approach, organisations may find themselves with a fragmented and inefficient hybrid data and cloud environment, failing to realise the full benefits of hybrid cloud adoption.
To avoid this scenario, organisations must adopt a more strategic approach to hybrid cloud and simplify data management. This involves shifting from a hybrid cloud implementation by accident to one by design, thereby enhancing their cloud operating model and maximising the benefits of hybrid cloud adoption.
Furthermore, security remains a paramount concern in hybrid cloud environments. Organisations and enterprises must assess their risk tolerance, as opting for an exclusive private cloud might seem like the safest choice. However, despite the common belief that private clouds offer the highest level of security, the advantages of a hybrid cloud far outweigh this assumption. It is crucial to understand that the hybrid model is not inherently insecure simply because private clouds are often perceived as more secure.
Hybrid cloud affords organisations the flexibility to implement security measures across various layers, including legacy systems, on-premise private clouds, and cloud-based data. This approach enables organisations to implement stricter security measures, outsource to specialised providers, establish secure connections through tunnels, and reduce the time spent on monitoring security subsystems and compliance risks.
Virtual Private Networks (VPNs) can mitigate data compromise risks when transmitting data between legacy systems, on-premises infrastructure, and the cloud. Additionally, a hybrid cloud setup introduces redundancy, enabling organisations to implement backup plans and minimise downtime. Overall, the hybrid cloud model helps reduce risk and allows organisations to concentrate on their core business activities.
The OpenGov Breakfast Insight on 8 March 2024 at Equarius Hotel Singapore has delved into the critical role of hybrid cloud in modern business operations, highlighting its ability to provide flexibility, scalability, and enhanced security. With a focus on practical insights and real-world examples, the event provided delegates with valuable information on how to implement and manage hybrid cloud solutions effectively.
Opening Remarks
According to Mohit Sagar, the CEO and Editor-in-Chief at OpenGov Asia, businesses increasingly turn to hybrid cloud solutions for operational optimisation and competitiveness in the digital age. This architecture combines on-premises infrastructure with public and private cloud services, offering flexibility and scalability and allowing strategic workload, application, and data transfers across environments for enhanced performance and cost-effectiveness.
“Singapore has made significant strides in digital transformation by integrating on-premises infrastructure with public and private cloud services,” Mohit acknowledges. “This strategic approach offers unparalleled flexibility, scalability, and innovation, positioning Singapore at the forefront of technological advancement.”
Adopting a hybrid cloud is both a technical change and a strategic imperative for sustainable growth in the digital era, as exemplified by Singapore’s significant strides in digital transformation.
Businesses in Singapore maximise performance, manage workloads effectively, and balance security and compliance complexities with a hybrid cloud strategy. The hybrid model enables organisations to balance security, compliance, and innovation, supporting confident digital transformation.
“In Singapore, 67% of IT teams used a combination of private and public clouds, multiple public clouds, or on-premises and hosted data centres,” Mohit reveals. “Even with data management and complexity difficulties, more than two-thirds of Singaporean firms utilise a combination of private and public cloud and on-premises and hosted data centres.”
Elaborating on the advantages of a hybrid cloud, highlighting its ability to leverage the strengths of both on-premises and cloud systems, Mohit notes that global enterprise leaders believe that a hybrid cloud gives you the flexibility to operate and better control that suits the organisation better operate and better control that suits the organisation best.
The hybrid cloud allows seamless integration for developing digital products and services with agility, enabling data movement across various environments to foster business growth and generate new revenue streams. This is particularly relevant in scenarios where a company is acquired and it is necessary to migrate its legacy on-premises systems to one of the established cloud components.
Hybrid cloud adoption is seen as a tactical advantage, offering a comprehensive solution that combines flexibility, speed, and cost efficiency for organisations undergoing digital transformation. However, despite these benefits, organisations must also address several challenges.
A major challenge is the complexity of operating a hybrid environment that mixes on-premises infrastructure with public and private cloud services. Integration and interoperability challenges may arise, requiring careful design and implementation.
Another significant concern is the issue of security, which requires strong measures to balance accessibility and data protection. Organisations must establish comprehensive security plans to safeguard data, applications, and communication channels.
Additionally, managing the specialised skills, tools, and complexities of data transport and storage in a hybrid environment may increase costs.
Successfully addressing these challenges is crucial for organisations to realise the full benefits of hybrid cloud adoption.
Nevertheless, Mohit recognises that the hybrid cloud is a transformative force, far more than just a technological tool. It is a catalyst for change, a compass directing enterprises through new landscapes.
“With this in mind let’s create new paths together,” Mohit exhorts the delegates, “Empowered by the revolutionary potential of hybrid cloud solutions, we have the opportunity to shape a future characterised by boundless creativity and possibilities.”
Technology Insight
Dilipkumar B. Khandelwal, Chief Technology Officer for SG/SEA at Hewlett Packard Enterprise, provided insights into the advantages and obstacles associated with hybrid cloud utilisation. He also offered his viewpoint on cloud adoption strategies, effective implementation of hybrid approaches, and methods for tackling governance issues.
Dilipkumar recognises the critical importance of a hybrid cloud in modern business operations. This approach combines the best of both worlds, allowing organisations to leverage the scalability and flexibility of cloud services while maintaining control over sensitive data and applications. By embracing a hybrid cloud, businesses can adapt quickly to changing market conditions, innovate with agility, and drive growth in a rapidly evolving digital landscape.
With a hybrid cloud, businesses can run sensitive workloads in their private cloud and transfer data between suitable public cloud data centres, adapting to regulatory changes and evolving requirements.
Business continuity, crucial for regulatory compliance, is improved with hybrid cloud support for application, data, and disaster recovery tasks, protecting against system failures, security issues, and physical disasters.
For example, a company could duplicate critical workload data from a local application to a public cloud, ensuring availability or recovery in case of data loss. In a more complex scenario, a business might scale or migrate a busy application from its private cloud to the public cloud to manage increased user traffic, preventing performance issues and improving user experience.
Enterprise applications and data resources inherently carry security, performance, and reliability risks. Hybrid clouds provide companies with the flexibility and control to strategically position applications and data according to changing business and technological needs.
Building on this idea, with a hybrid cloud, enterprises can choose the location of applications and data and determine the most effective way to allocate resources and services to achieve optimal outcomes for the business and its application users.
Dilipkumar acknowledged that deploying hybrid clouds can be challenging due to configuration and security complexities. IT staff must manage authentication and security measures for private and public cloud workloads and data, ensuring consistency and complementarity across both realms.
“It is crucial to ensure that security settings are consistent and complementary across both realms, as any change in one cloud may need to be reflected in the other,” Dilipkumar cautions.
In tackling these obstacles, Dilipkumar says that HPE provides unmatched simplicity in deploying hybrid cloud solutions. Referred to as a unified edge-to-cloud platform, HPE offers a streamlined and accessible method for building and overseeing hybrid cloud ecosystems.
It integrates critical features such as flexibility, scalability, security, visibility, and ease of management, allowing organisations to deploy traditional or cloud-native workloads across their entire IT ecosystem.
“In the dynamic digital landscape, the hybrid cloud is pivotal for businesses, offering agility and control,” concludes Dilipkumar. “By simplifying the adoption and management of hybrid cloud strategies, HPE empowers companies to leverage the latest technologies effectively and stay ahead. We support a hybrid-centric strategy.”
In Conversation With
A hybrid cloud is a sophisticated cloud computing system that integrates public and private cloud services to manage a wide range of applications effectively. This environment provides organisations with the flexibility to place their most sensitive workloads in an on-premise cloud (private cloud) while leveraging third-party cloud providers for less critical resources, thus allowing them to harness the advantages of both approaches.
For enterprises seeking greater control and security over their data while also requiring a cost-effective way to scale operations to meet fluctuating demands and support long-term growth, a hybrid cloud emerges as the optimal choice.
Sander Veraar, Vice President of Strategic Services at StarHub, underscored the critical role of cost management in companies contemplating cloud migration. While choosing a private cloud involves substantial fixed costs for owning and managing internal data centres, public cloud services offer a more adaptable cost structure with operational and variable expenses.
“A hybrid cloud environment offers companies the flexibility to store their sensitive business-critical data on their on-site servers while utilising the public cloud for less critical data and applications,” explained Sander.
This setup allows businesses to optimise their infrastructure costs by scaling resources according to demand. During periods of increased demand, companies can avoid significant capital expenditures by paying for the resources they actually use. Conversely, when demand decreases, costs are reduced accordingly.
Sander believes that organisations gain significant resource advantages with a hybrid cloud compared to traditional physical data centres. The hybrid cloud’s ability to efficiently allocate, deploy, and scale resources enables companies to respond to spikes in demand quickly. When demand exceeds the local data centre’s capacity, a company must have the capability to scale up immediately to meet the increase, a capability that a hybrid cloud environment provides effectively.
Sander points out that a swift response not only prevents missing potential customers but also protects the organisation’s brand reputation. A hybrid cloud setup allows companies to scale up applications to the public cloud to meet demand, ensuring extra capacity and scalability.
Organisations can proactively manage evolving security challenges in a hybrid cloud environment by tackling the following critical issues and adopting recommended strategies:
- Visibility Challenges: The integration of public and private clouds can introduce complexity and elevate security risks.
- Insecure Data Transmission: Data transfer between public and private clouds poses security risks, such as eavesdropping or cyberattacks. Robust encryption, including hardware security modules and cryptographic tools, is crucial to secure data in transit.
- Compliance Challenges: Hybrid cloud complexity can challenge compliance efforts. To maintain compliance, prioritise it from the start, conduct continuous security assessments, and follow data security guidelines. Encryption and adherence to standards can also help.
- Supply Chain Vulnerabilities: Small vendors in the supply chain pose major security risks. Attackers may exploit these vulnerabilities to access larger targets. To mitigate this, use strong encryption and strict access control to secure data transfers and reduce hybrid cloud breach risks.
By effectively addressing these challenges and implementing best practices such as robust encryption, continuous security risk assessment, and stringent compliance adherence, organisations can enhance their security posture in a hybrid cloud environment and proactively mitigate emerging security concerns.
Dilipkumar B. Khandelwal, who serves as a Chief Technology Officer SG/SEA, Hewlett Packard Enterprise, explained that Hybrid cloud solutions combine on-premises and public cloud environments, enabling seamless collaboration and data integration across diverse sources. They enhance intelligence through:
Data Warehouse Integration: Combining data from AWS Redshift, Google BigQuery, and Azure Blob Storage into a centralised data warehouse for quicker insights and decision-making.
IoT Connectivity: Connecting IoT devices to a centralised data repository for improved operational efficiency and insights for predictive maintenance.
Machine Learning Model Training: Increasing accuracy and relevance by feeding machine learning models with real-time data from various sources.
Security Analytics: Strengthening security monitoring and incident detection by collecting and analysing log files and event data from multiple sources.
Customer Experience Enrichment: Improving personalisation and satisfaction by creating a comprehensive customer profile from various touchpoints.
These examples showcase how hybrid cloud solutions streamline data integration, leading to actionable insights, increased efficiency, and enhanced intelligence. They promote collaboration and innovation by connecting data sources and breaking down organisational silos.
In managing threat detection and continuous monitoring in a hybrid cloud environment, various strategies are used to mitigate security risks and promptly identify potential breaches. These include:
- Real-Time Threat Detection: Using advanced cloud security monitoring solutions to continuously scan logs and events across the hybrid environment for anomalous activities in near-real-time.
- Multi-Layer Security Approach: Implementing a combination of native cloud monitoring tools, third-party solutions, and best practices to ensure comprehensive coverage of the hybrid cloud infrastructure.
- Cloud Security Information and Event Management (SIEM): Employing an SIEM tool to collect and analyse log data from both physical and virtual servers, aiding in the identification of suspicious behaviour and reducing false positives.
Additionally, employing machine learning algorithms and AI-powered threat detection engines can significantly enhance the identification of sophisticated threats. Collaborating with other organisations and security communities to share threat intelligence can improve defence mechanisms and reduce blind spots.
Applying a zero-trust model, where no entity is implicitly trusted, can help limit the impact of compromised credentials and reduce the likelihood of successful attacks.
“These approaches, coupled with staying abreast of the latest developments in cloud security, enable organisations to defend against the unique challenges of hybrid cloud architectures proactively,” Dilipkumar says.
Closing Remarks
Dilipkumar expressed gratitude to the attendees of the OpenGov Breakfast Insight, acknowledging their dedication to sharing knowledge and fostering professional connections in the digital era.
He views these gatherings not simply as conversations, but as opportunities to exchange valuable experiences and insights essential for navigating the complexities of today’s digital landscape. Dilipkumar is optimistic that these interactions will enable participants to leverage their newfound knowledge in their respective workplaces, promoting innovation and facilitating growth.
Dilipkumar reiterated the benefits of hybrid cloud solutions, which blend public and private cloud services to enhance operational efficiency and flexibility while safeguarding sensitive data. He highlighted their importance in digital transformations to maintain competitiveness and resilience in evolving business environments.
In such circumstances, it becomes evident that businesses can generate significant value for themselves and society at large by embracing technology wisely. He emphasised the necessity of continuous learning and adapting to technological advancements, acknowledging the dynamic nature of the technology sector and the ongoing need for education and evolution.
Furthermore, Dilipkumar encouraged continued collaboration and knowledge sharing among participants to foster a robust business ecosystem. He is convinced that success in the digital era hinges on collective efforts and the sharing of insights and best practices. By working together, businesses can create an innovative and sustainable environment that benefits all stakeholders.
Dilipkumar expressed optimism about the delegates’ potential to drive technological innovation and address challenges in the digital era. He urged them to maintain their commitment to advancing technology and assisting companies and customers in navigating the evolving digital landscape.
“Given your experience and dedication, I am confident that you will continue to play a pivotal role in shaping the technology industry and fostering business sustainability,” Dilipkumar concluded.
- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
The Data Innovation and Governance Institute (DIGI), under the Digital Government Development Agency (Public Organisation) or DGA, has organised the International Open Data Day 2024, a significant event aimed at promoting the use of data systems and highlighting the importance of open data in advancing towards sustainable open government. This forum emphasised the critical role that open data plays in driving technological advancements and digital transformations towards sustainable governance.
Open data serves as a powerful catalyst for positive technological change, offering insights into inequalities and disparities in income, wealth, and access to government services. It also helps measure the impact of development initiatives, establish benchmarks, and improve the efficiency and effectiveness of public services. By promoting data systems, the event aimed to underscore the transformative power of open data in advancing sustainable development through digital means.
Puchpong Nodthaisong, Secretary-General of the National Digital Economy and Society Commission (NDESC), previously highlighted the importance of the open data platform in improving the utilisation of government data accounts. The platform ensures that critical national development issues are adequately analysed and decided upon.
Based on the OpenGov report, Puchpong Nodthaisong emphasised, “data is a valuable asset in the country’s growth process, facilitating data analysis and decision-making in various disciplines, including scenario analysis for project planning, monitoring, and evaluation under the country’s economic and social thrust.”
At the forum, Dr Puangpetch Chunlaid, Minister attached to the Prime Minister’s Office, played a central role, presiding over the ceremony and delivering a keynote address that underscored the importance of information disclosure in the transition to a digital government. Dr Chunlaid emphasised the pivotal role of data in modern governance, stating that it is crucial for making informed policy decisions, enhancing operational efficiency and driving innovation. He highlighted how data-driven approaches can lead to the development of more effective economic and social policies, ultimately fostering strong and sustainable growth.
Mrs Irada Lueangwilai, Deputy Director and Acting Director of the Digital Government Development Agency reiterated the DGA’s commitment to driving digital government development in Thailand. The agency aims to enhance government efficiency through digital technology, develop online services for the public and various sectors, and facilitate information exchange between government agencies, all essential aspects of a digital government.
International Open Data Day has highlighted the importance of information disclosure. In Thailand, the event, hosted by the DGA under the theme “Data-Driven for Sustainability,” emphasised data’s role in sustainable development. The event included activities organised by the DGA, demonstrating Thailand’s commitment to leveraging data for sustainable development and open government.
DGA has been committed to spurring the development of open data in Thailand. It has been proven since 2015, when the DGA’s establishment of the open government data centre, data.go.th, marked a significant achievement in promoting open government policy and strengthening public participation. With over 11,000 datasets released by government agencies, government data has been transformed into a valuable public resource, driving innovations that benefit the nation.
DGA continues to provide information on using open data in the public sector through DIGI’s social media page, Data Innovation and Governance Institute, showcasing the government’s dedication to harnessing data’s power for sustainable development and open government through digital technologies.
The overarching goal of this gathering was to cultivate a culture of data-driven decision-making, equipping individuals with the capabilities to extract profound insights from data. These insights are pivotal in informing decision-making processes and conducting in-depth analyses across various domains.
Moreover, these forums catalyse robust collaborations within a data community, extending beyond national boundaries. They facilitate the exchange of information at an international level, thereby contributing to the harmonisation and integration of diverse datasets. This effort results in tangible use cases that benefit the public and contribute to the further expansion of the economy.
In the future, DGA will consistently collaborate with other stakeholders, including academia, civil society, and the private sector, to expand the reach and impact of open data initiatives. By building partnerships and sharing best practices, DGA seeks to create a more vibrant and sustainable open data ecosystem in Thailand.
- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
The Ministry of Public Security is spearheading a groundbreaking initiative with the introduction of a draft proposal for Vietnam’s Data Law. This pivotal legislation addresses the pressing need for a centralised national data centre, marking a significant stride towards cohesive data management infrastructure.
Currently, several ministries grapple with inadequate infrastructure to support vital information technology systems. This deficiency results in disjointed databases plagued by issues of standardisation and uniformity. Moreover, existing data centres suffer from insufficient investment, non-compliance with standards, and lax security measures.
To tackle these challenges head-on, the proposed regulations aim to establish a national data centre. This centre will function as a centralised repository, fostering seamless connectivity among disparate databases and information systems.
The Ministry of Public Security is actively working towards the completion and operation of the inaugural national data centre in Hoa Lac (Hanoi) by the end of 2025. This aligns with the timelines set forth in Resolution No. 175/NQ-CP and the effective date of the Data Law on January 1, 2026.
The impact policy assessment report by the Ministry of Public Security underscores the benefits of the national data centre. It anticipates reduced investment costs for the state in digital transformation infrastructure and resources.
This initiative promises streamlined management and expertise for nationwide data activities, spanning collection, storage, management, exploitation, use, and sharing. Additionally, it ensures cost savings in administering information systems outside the state database of political and socio-political organisations.
Organisations, businesses, and individuals are encouraged to register and utilise services from the government-provided national data centre infrastructure and cloud computing services. This not only optimises investment resources but also mitigates concerns surrounding data leakage.
The Ministry of Public Security forecasts significant cost savings for ministries, departments, and localities in data collection and cleaning related to the population. Leveraging information from the national population database is projected to yield substantial savings.
Furthermore, entities currently leasing data infrastructure space at a considerable cost stand to benefit from transitioning to the national data centre. This shift ensures top-tier security and safety while enabling the state to reduce expenses associated with renting premises, operational costs, and business profits.
The Ministry of Public Security actively seeks input from agencies, organisations, and individuals for the draft Data Law. In recent years, Vietnam has demonstrated its commitment to establishing a robust legal framework for data management. Despite numerous laws regulating databases, the current framework is deemed incomplete, lacking unified standards and efficient deployment mechanisms.
The proposed Data Law aims to bridge this gap by addressing crucial areas such as data building, development, processing, and management. It also encompasses regulations on the national consolidated database, the national data centre, and associated products and services.
Ultimately, the Data Law seeks to bolster Vietnam’s digital government, digital economy, and digital society. By ensuring security, safety, and effective support for the Fourth Industrial Revolution, this legislation heralds a new era of data management in Vietnam. The Ministry suggests aligning other relevant laws with the provisions of the Data Law to foster a cohesive legal landscape conducive to digital advancement.
As OpenGov Asia reported, Vietnam’s digitalisation journey is propelled by the recently approved National Data Strategy, envisioning ambitious technological advancements by 2030. Central to this strategy is transitioning all administrative procedures online, bolstering efficiency in government services.
To support this, Vietnam plans to interconnect national and regional data centres and high-performance computing hubs, enabling seamless data sharing nationwide. Intending to digitalise the entire national database, Vietnam aims to establish an e-government framework, promoting accessibility and transparency in governance.
- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
In a bid to harness the power of big data for social and economic progress, the Thai government, led by Mr Prasert Chandraruangthong, Minister of Digital Economy and Society (DE), has unveiled the Big Data Institute’s (BDI) new role in shaping the future through data. The initiative, titled “Power the Future with Data – The Next Chapter of BDI,” aims to harness the power of big data and AI to drive economic and societal growth in the digital era.
Thailand has long recognised the importance of data in its growth trajectory. The Digital Economy Promotion Agency (Depa), operating under the Ministry of Digital Economy and Society (DES), has actively promoted the use of big data for national progress, including during the tenure of the GBDi. The previous institute successfully streamlined over 100 projects undertaken by 67 state agencies and was crucial in developing platforms to support these initiatives.
At the meeting, key figures attended, including Professor Wisit Wisitsaratha, Permanent Secretary of the Ministry of Digital Affairs, Mr Suthikiat Veerakijpanich, Advisor to the Minister, Mr Wanlop Rujirakorn, Secretary to the Minister, and Associate Professor Dr Theeranee Ajalakul, Director of the Big Data Institute, highlighting the institute’s collaborative efforts with government agencies.
In his address, Mr Prasert highlighted the pivotal role of the Big Data Institute in leveraging big data to propel the country forward. He emphasised the institute’s role in bridging the gap between government agencies, enabling them to utilise various information sources for maximum benefit. This approach, he noted, is crucial for accelerating national development and enhancing the quality of life for citizens in a sustainable manner.
“Big data is critical because it provides valuable insights, patterns, and trends from vast amounts of structured and unstructured data. By leveraging big data, organisations and societies can enhance decision-making, optimise operations, and drive innovation across various sectors,” Mr Prasert explained.
Further, Mr Prasert underscored the importance of the Thai Large Language Model (ThaiLLM) project, led by the Big Data Institute, as a key component of Thailand’s artificial intelligence infrastructure. The project aligns with the Ministry of DE’s focus on leveraging data technology and AI to enhance Thailand’s digital and innovation competitiveness on a global scale.
According to a previous OpenGov Asia report, developing the Thai Large Language Model (Thai LLM) is a significant step towards enhancing Thailand’s natural language processing capabilities. Large language models, like the Thai LLM, can process and generate human language, enabling a wide range of applications such as machine translation, text summarisation, and chatbots in the Thai language.
Following the discussion on the ThaiLLM project, Professor Phiphisit Wisit Wisitsaratha, Permanent Secretary of the Ministry of Digital Economy and Society, delivered a lecture on the policy direction of using data technology and AI to drive Thailand forward. He emphasised the ministry’s commitment to promoting public benefit and readiness to adapt to modern challenges, particularly in big data technology.
Associate Professor Dr Theeranee Ajalakul, Director of the Big Data Institute, highlighted BDI’s role in promoting the use of analytical data for decision-making and service delivery. The institute serves as a hub for connecting and analysing data across various sectors, fostering an ecosystem that supports data entrepreneurs and meets the demands of the Thai industrial sector.
An important aspect of BDI’s work is its focus on developing a skilled workforce in big data. The institute has trained over 100 new-generation information professionals, equipping them with the skills to drive Thailand’s competitive advantage and contribute to sustainable economic growth.
In this context, the efforts of the Big Data Institute underscore Thailand’s commitment to becoming a Data-Driven Nation. It is believed that by leveraging data and AI technologies, Thailand aims to achieve concrete national reforms to propel the country towards stable, sustainable, and transparent economic development.
“Thailand is laying the foundation for a more competitive digital economy. This could lead to significant improvements in efficiency, innovation, and overall quality of life for its citizens in the future,” Mr Prasert concluded.
- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
In New Zealand, the emphasis on cloud-based infrastructure is substantial, with a plethora of initiatives and partnerships aimed at propelling digital transformation and enriching cloud services for businesses and organisations. This strategic shift towards cloud-based infrastructure is being harnessed across diverse sectors to bolster operational efficiency, fortify cybersecurity measures, and augment accessibility to digital resources.
As organisations in New Zealand continue to modernise their systems and migrate to cloud-based infrastructure, cybersecurity emerges as a paramount concern. One of the critical aspects of cybersecurity in this context is ensuring the protection of data stored and transmitted through cloud services.
The recent advisory issued by the UK’s National Cyber Security Centre (NCSC UK) concerning APT29, underscores cyber threats’ dynamic and ever-evolving landscape. This advisory serves as a poignant reminder of the criticality of remaining vigilant, informed, and prepared in the face of increasingly sophisticated cyber adversaries.
NCSC UK and international partners have assessed APT29 as a cyber espionage group. This attribution is supported by agencies such as the US National Security Agency (NSA), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Cyber National Mission Force (CNMF), the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and NCSC NZ. These organisations agree with the details in the advisory, emphasising the need for a coordinated international response to cyber threats.
One of the critical aspects highlighted in the advisory is the adaptation of APT29 to target organisations transitioning to cloud-based infrastructure. This highlights the importance of understanding threat actors’ specific tactics, techniques, and procedures (TTPs) in the cloud environment. One tactic observed is the exploitation of service and dormant accounts.
APT29 has used brute force and password-spraying techniques to access these accounts, which are often highly privileged and used to manage applications and services. Organisations can mitigate this risk by enforcing strong password policies, implementing multi-factor authentication (MFA), and regularly auditing and deactivating dormant accounts.
Another tactic employed by APT29 is the use of cloud-based token authentication. Threat actors can bypass traditional authentication methods by using tokens to access accounts without needing a password.
Organisations can protect against this by adjusting token validity times and implementing strong MFA policies. Enrolling new devices on the cloud is another avenue exploited by APT29. By registering their device as a new device on the cloud tenant, threat actors can gain unauthorised access to the network. Organisations can defend against this by configuring network policies to validate devices before granting access.
To evade detection, APT29 has also utilised residential proxies to hide their true IP addresses. This underscores the importance of comprehensive logging and monitoring to detect and respond to suspicious activity. Implementing network defences that consider a variety of information sources can help mitigate this risk.
The guidance in the advisory serves as a reminder of the importance of a strong cybersecurity posture, mainly as organisations increasingly rely on cloud infrastructure. Remaining informed about the latest cybersecurity trends and threats is imperative for organisations to identify and address vulnerabilities in their systems proactively. This knowledge empowers them to implement necessary security measures and mitigations effectively.
Moreover, collaboration with cybersecurity experts and sharing information with other organisations can significantly enhance overall cybersecurity posture, as collective insights and experiences can inform better defence strategies. By staying vigilant and implementing the recommended mitigations, organisations can substantially improve their ability to protect their networks and data from cyber threats. This approach is crucial in the face of evolving cyber risks and threats.
It is critical that New Zealand, like any other country, continuously adapts and improves its cybersecurity practices to protect its data and systems in the digital age effectively. Only through ongoing efforts and collaboration can organisations and countries effectively mitigate cyber risks and ensure a secure digital environment.
- Like
- Digg
- Del
- Tumblr
- VKontakte
- Buffer
- Love This
- Odnoklassniki
- Meneame
- Blogger
- Amazon
- Yahoo Mail
- Gmail
- AOL
- Newsvine
- HackerNews
- Evernote
- MySpace
- Mail.ru
- Viadeo
- Line
- Comments
- Yummly
- SMS
- Viber
- Telegram
- Subscribe
- Skype
- Facebook Messenger
- Kakao
- LiveJournal
- Yammer
- Edgar
- Fintel
- Mix
- Instapaper
- Copy Link
In response to the rapidly evolving landscape of data collection and analysis driven by advances in artificial intelligence, the U.S. National Science Foundation (NSF) and the U.S. Department of Energy (DOE) have joined forces to establish a Research Coordination Network (RCN) dedicated to advancing privacy research and the development, deployment, and scaling of privacy-enhancing technologies (PETs).
This initiative, which fulfils a mandate from the “Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” aims to advance the recommendations in the National Strategy to Advance Privacy-Preserving Data Sharing and Analytics. The goal is to move towards a data ecosystem where the beneficial power of data can be unlocked while protecting privacy.
“This crucial investment represents our commitment to advancing the foundations of responsible AI and privacy-enhancing technologies,” said Dilma DaSilva, who serves as an assistant director for NSF’s Computer and Information Science and Engineering Directorate. “This effort supports research and development that enables individuals and society to benefit equitably from the value derived from privacy-preserving data sharing and analytics.”
Asmeret Asefaw Berhe, director of DOE’s Office of Science, emphasised the increasing importance of privacy-enhancing technologies in today’s data-driven landscape. “Privacy-enhancing technologies allow us to safeguard sensitive datasets and information needed to advance a broad research, development, and demonstration portfolio,” she said. “This Research Coordination Network will help us move toward the shared goal of establishing new data safety and security standards that will allow us to continue to develop the innovations and scientific discoveries we need to achieve our clean energy and industrial goals.”
Through this initiative, RCN also brings together experts from academia, industry, and government to support the development, deployment, and scaling of PETs. These crucial technologies enable data analysis while safeguarding individual privacy and addressing concerns arising from the increasing sophistication of data analysis techniques.
One of the primary goals of the RCN is to address the barriers to the widespread adoption of PETs, including regulatory considerations. By convening multidisciplinary, cross-sector, and international expert groups, the RCN aims to understand the risks of data sharing and analytics for marginalised and vulnerable groups. Central to the RCN’s mission is examining various mechanisms for deploying PETs, including research, technological innovations, regulatory measures, and standards and certifications. The team will prioritise use cases for PETs that support privacy-preserving machine learning and those essential for federal agencies to ensure the equitable use of AI.
With support from NSF and DOE, the RCN will drive meaningful progress in developing and deploying PETs, laying the foundation for a more privacy-conscious approach to data sharing and analytics in an era defined by rapid technological advancement.
The RCN’s work is particularly timely as society grapples with the challenges and opportunities presented by the proliferation of AI and data-driven technologies. The ability to harness the power of data for societal benefit while respecting privacy and individual rights is a key focus of the RCN. “By fostering collaboration and innovation in privacy-enhancing technologies, the RCN aims to shape a future where data can be shared and analysed responsibly, unlocking new insights and capabilities while protecting privacy and promoting equity,” Asmeret said.
Moreover, the RCN’s efforts will also contribute to discussions on broader data governance and privacy regulation. As governments and organisations worldwide seek to establish frameworks for responsible AI and data use, the insights and recommendations generated by the RCN will be invaluable in shaping policy and best practices.
Establishing the RCN marks a significant milestone in advancing privacy research and developing PETs in the United States. The RCN is well-positioned to drive substantial progress in this critical area by convening experts from various disciplines and sectors. In an era of rapid technological advancement, society faces challenges and opportunities in the digital age. The work of the RCN will play a crucial role in shaping a future where data can be utilised responsibly and ethically, ultimately benefiting all individuals and communities.