|
Getting your Trinity Audio player ready...
|
In an era characterised by swift technological progress, profound transformations have reshaped multiple aspects of human existence. Although technology has streamlined work processes, improved business efficiency, and reduced costs, the looming threat of cyberattacks persists. The second quarter of this year saw a notable 8% increase in global weekly cyberattacks, reaching a two-year peak, highlighting the enduring vulnerability.
While digital progress offers numerous advantages, it has also heightened the need for responsibility, accountability, and security. The increasing dependence on data, analytics, and constant innovation has raised apprehensions regarding data privacy, cybersecurity, and the ethical considerations tied to technological advancements.
The escalating awareness of the significance of safeguarding personal data’s privacy is compelling individuals and organisations alike to take action. With an ever-increasing volume of data stored digitally by both individuals and businesses, the imperative to prevent misuse or unauthorised access becomes undeniable.
Singapore, renowned as a global cybersecurity leader, has made substantial investments in infrastructure development and various cybersecurity initiatives. Central to these endeavours is a focus on addressing the menace of ransomware.
Ransomware attacks have surged worldwide, leaving a profound impact on numerous companies and entities. Singapore has responded proactively, diligently shielding its infrastructure from ransomware attacks and striving to minimise their potential fallout.
These steadfast efforts reflect Singapore’s unwavering commitment to preserving its status as a secure and reliable hub for business and technology, making it an attractive destination for innovation and operations. Cybersecurity is the key player in sustainable economic growth in the digital age.
Singapore’s cybersecurity landscape epitomises a proactive and robust approach to fortifying its digital infrastructure and data ecosystem. As a preeminent global financial and technology hub, Singapore is acutely aware of cybersecurity’s pivotal role in maintaining its reputation as a secure and trustworthy destination for businesses and individuals.
This diligence has stimulated the Singaporean government and stakeholders to channel substantial efforts into establishing and sustaining a secure cyber environment that buttresses sustainable economic and business growth. The nation’s commitment to cybersecurity underscores its vision of a secure, innovative, and prosperous future.
The OpenGov Breakfast Insight held on 15 November 2023 at the Equarius Hotel Singapore brought together digital executives in the technology sector in Singapore. This session proved to be a powerful platform for exchanging ideas and formulating policies to protect Singapore from the threat of ransomware.
Opening Remarks
According to Mohit Sagar, the CEO and Editor-in-Chief of OpenGov Asia, organisations are increasingly recognising that threats can originate from various sources, including within their own networks. This awareness is driving the demand for a more robust and flexible security strategy to safeguard their crucial assets, sensitive data, and critical systems.
Against this backdrop, he recognises Singapore’s prominent role in the field of digital resilience. The nation has made significant advancements in strengthening its cybersecurity infrastructure within the Asia-Pacific region.
Despite a notable increase in phishing attempts, as reported by the Singapore Cybersecurity Agency (CSA), Singapore’s government and local stakeholders have been able to successfully defend themselves by proactively fortifying the nation’s cybersecurity defences. One standout measure includes the adoption of Zero Trust Network Access (ZTNA).
The emergence of the ZTNA framework is a direct response to the ever-evolving landscape of cybersecurity. Factors such as the widespread adoption of remote work, the increasing reliance on cloud computing, and the fluid nature of the contemporary threat environment have necessitated a reevaluation of traditional network security strategies.
The ZTNA represents a revolutionary approach to cybersecurity built on the fundamental maxim of “never trust, always verify”. This foundational principle eliminates any automatic assumptions regarding the trustworthiness of users, devices, or applications, irrespective of their physical location.
ZTNA mandates a rigorous process of authentication, appropriate authorisation, and continuous verification for any entity seeking access to an organisation’s resources and information, whether these lie within or outside the conventional boundaries of network security.
The approach brings several critical advantages to the forefront, including the imposition of robust access restrictions, a laser focus on authorisation based on actual needs, continuous monitoring, and rapid responses to identified threats.
“By incorporating these multiple layers of security, organisations can effectively mitigate risks and uphold the integrity of their resources, regardless of the location of the user or device,” Mohit explains.
In the face of the ever-evolving technological landscape and the ever-adapting tactics of cyberattacks, Singapore recognises the imperative of remaining vigilant and responsive. This necessitates bolstered efforts to detect, prevent, and effectively respond to cyber threats.
Singapore’s unwavering commitment to cybersecurity excellence not only cements its status as a global leader in this field but also serves as a role model for other nations seeking to fortify their cyber defences.
By championing stringent and innovative cybersecurity strategies, Singapore occupies the forefront of protecting its digital environment and sets an example for the international community. The nation’s proactive approach not only enhances its cybersecurity standing but also contributes to the global drive towards a safer and more secure digital future.
“Singapore is undoubtedly a standard-bearer for the evolution of cybersecurity in the digital age, ensuring its continued leadership in this critical domain,” Mohit concludes.
Welcome Address
Anthony Mak, Head of Commercial, Check Point Software Technologies Ltd, observes that the current cybersecurity landscape is a realm that is constantly changing and evolving; and the challenges are increasingly complex and serious.
“Cybersecurity is no longer just the responsibility of the IT or security department but is a primary focus for all levels of the organisation, from management to operational employees,” Anthony firmly believes.
In a landscape where cyberattacks are growing in sophistication and prevalence, it’s essential for all entities, whether large corporations, small businesses, government institutions, or individuals, to recognise the critical role of a robust cybersecurity strategy. Such strategies are paramount for safeguarding sensitive data, ensuring uninterrupted business operations, and upholding trust with customers.
In the dynamic realm of cyber threats, ransomware stands out as a pressing concern, having evolved into one of the most devastating and disruptive forms of cyberattacks with global repercussions. Involving malicious actors encrypting sensitive data and demanding a ransom for its release, they have the potential to inflict severe financial and reputational damage, disrupt critical operations, and erode public trust in data security measures.
Cybercriminals operating behind these attacks often use phishing methods, exploiting software vulnerabilities, or other techniques to infect victims’ devices or networks. Once the data is locked, they demand a ransom in the form of a hard-to-trace payment in return.
Check Point, as a cybersecurity company, was well aware of this looming threat, she reveals, and its primary mission is to shield both organisations and individuals from a wide spectrum of digital threats.
Check Point is dedicated to delivering innovative and dependable cybersecurity solutions and technology to confront the continually expanding challenges in the realm of cybersecurity. They recognise the significance of taking a proactive stance in detecting, preventing, and responding to cyberattacks, including ransomware.
Strong cybersecurity is paramount in addressing ransomware threats and safeguarding both data and operational integrity from potentially devastating attacks. Anthony believes in adopting preventive measures and upholding robust cybersecurity practices to defend against ransomware attacks. This includes regularly updating software, educating users about cyber threats, and maintaining consistent data backups.
By focusing on cybersecurity and committing to providing effective solutions, Check Point plays a role in maintaining a higher level of security in a complex and ever-evolving digital era. Awareness of the importance of cyber threats and strong preventive measures are the foundation of their efforts to protect the digital world from dangerous ransomware attacks.
In Conversation With
In the contemporary business landscape, cybersecurity has emerged as an essential component of operational integrity. SATS, a prominent provider of food solutions and gateway services within the aviation and hospitality sectors, has gained recognition for its achievements in implementing advanced AI-driven security systems.
Scott Lee, serving as the Chief Information Security Officer at SATS, has played a pivotal role in reinforcing the organisation’s digital security measures and safeguarding the confidentiality of sensitive data.
In the face of persistent threats such as hacking attempts and data breaches, SATS’ dedication to protecting its digital assets is not only commendable but also imperative. Scott and his team have gone to great lengths in developing a robust and forward-looking cybersecurity strategy to mitigate these risks effectively.
SATS has fortified its cybersecurity defences by deploying AI-driven Intrusion Detection Systems (IDS) that rely on machine learning algorithms to continuously scrutinise network traffic and system logs. This enables the detection of abnormal behaviour that could indicate security threats, effectively thwarting numerous hacking attempts and safeguarding the organisation’s network infrastructure from external risks.
“User and Entity Behavior Analytics (UEBA) solutions have also found a place in SATS’ cybersecurity arsenal. These AI-driven systems meticulously examine user and entity behaviour across the network,” Scott explains. “By discerning typical behaviour patterns, UEBA can promptly identify anomalies that may suggest unauthorised access or data breaches, providing a robust defence against insider threats and activities that are not approved.”
The incorporation of AI-driven threat intelligence platforms marks another pivotal milestone in SATS’ cybersecurity journey. These platforms are continuously engaged in gathering data on emerging threats and vulnerabilities, which are then used to fine-tune security systems. This proactive approach positions SATS at the forefront of cybersecurity, allowing them to swiftly adapt to the ever-evolving threat landscape.
Scott emphasised that the impact of these AI-powered security measures goes beyond the realm of threat detection. It extends to risk mitigation, regulatory compliance, and cost savings. By effectively preventing data breaches and hacking attempts, SATS has not only shielded itself from potential reputational damage but has also saved substantial financial resources.
SATS’ commitment to advancing security technology reflects its understanding of the evolving nature of cyber threats and with a proactive approach to identifying and thwarting new and emerging threats, SATS stands as a role model for other organisations, setting a standard in the cybersecurity landscape.
SATS’ cybersecurity approach is characterised by several key principles:
- Risk-Based Approach
- Security Awareness and Training
- Security Automation
- Collaboration and Communication
- Cloud Security and Virtualisation
- Incident Response and Business Continuity
- Data Encryption and Access Controls
- Regular Security Audits and Assessments
SATS’ proactive approach to cybersecurity serves as an exemplar of how organisations can strike a balance between data security and operational efficiency. By strategically aligning cybersecurity with organisational goals, fostering security awareness, and utilising automation and advanced technologies, SATS exemplifies how to optimise productivity while effectively protecting critical assets and information.
Scott asserts that in a digital age where cyber threats abound, the role of the CISO and their cybersecurity team is pivotal in ensuring that an organisation thrives securely. SATS has set a standard for others to follow, a testament to the company’s unwavering commitment to cybersecurity and its pursuit of operational excellence in an increasingly perilous digital landscape.
Clement Lee, APAC Solution Architect Evangelist, Office of the CTO, Check Point Software Technologies Ltd, offers valuable insights and strategies to ensure the resilience of AI-driven threat detection systems placing a strong emphasis on the quality of model training data.
He advises organisations to use high-quality, diverse datasets that closely resemble real-world scenarios. “Augmenting training data with adversarial inputs is crucial, as it helps AI models recognise and adapt to adversarial attacks, a prevalent threat in today’s digital landscape.”
To enhance the adaptability of AI models, Clement encourages businesses to employ adversarial training techniques during the model training phase. This practice involves intentionally incorporating adversarial examples into the training dataset, enabling the model to recognise and respond effectively to adversarial inputs.
Suggesting the utilisation of ensemble learning methods for decision-making, Clement reveals that this approach involves the combination of multiple AI models to mitigate the influence of adversarial attacks. It forms a layered defence against potential vulnerabilities that might differ across various models.
Clement underscores the importance of model interpretability, enabling organisations to gain insights into the decision-making processes of these systems. This transparency plays a critical role in detecting unusual or erroneous model actions that could be indicative of adversarial attacks.
Improving AI threat detection necessitates meticulous feature engineering, focusing on developing features that are less prone to adversarial manipulation. Integrating conventional rule-based or signature-based detection techniques with AI-driven methods establishes a multi-faceted defence strategy, delivering strong safeguards against adversarial attacks. Thorough testing, which includes adversarial evaluations, plays a vital role in pinpointing weaknesses and enhancing the security of AI models.
According to Clement, real-time monitoring and anomaly detection are pivotal for guarding against adversarial attacks. These measures swiftly detect unusual behaviour or model degradation, providing early warnings of potential threats.
Likewise, collaboration within the cybersecurity community and active participation in information-sharing initiatives are encouraged to stay informed about emerging threats and mitigation strategies. Working closely with AI security solutions providers, organisations should leverage updates, patches, and recommendations to enhance their defence mechanisms continually.
“To maintain the effectiveness of AI threat detection, regular updates are crucial to ensure that these systems stay current with the evolving threat landscape,” Clement reiterates. “Employing ensemble learning, which combines multiple AI models to create a layered defence, is recommended to reduce the impact of adversarial attacks by leveraging diverse models.”
Besides, rigorous testing procedures, including adversarial testing, are essential for identifying weaknesses and vulnerabilities in AI models. Ensuring model interpretability, or understanding how AI systems make decisions, aids in recognising unusual behaviour indicative of adversarial attacks. Educating security teams and users about the risks associated with adversarial attacks fosters a culture of vigilance.
Collaboration with the cybersecurity community, active monitoring of the evolving threat landscape, adaptive AI models, and leveraging up-to-date threat intelligence feeds are integral for effective AI threat detection.
“Check Point Software Technologies offers comprehensive cybersecurity solutions that seamlessly integrate AI and threat detection capabilities,” Clement concludes. “Our advanced threat prevention solutions utilise AI and machine learning to identify and mitigate emerging threats in real-time.”
Closing Remarks
Anthony extended her gratitude to the participants and appreciated the engaging and informative sessions that highlighted the latest trends, solutions, and best practices in addressing ransomware.
Given the presence of distinguished cybersecurity experts, the event indeed served as a valuable platform for exchanging insights and expertise. She was confident that the expertise shared during the event would catalyse transformative changes in how organisations tackle cybersecurity, fostering greater resilience and security.
Anthony emphasised the growing concern over ransomware attacks that continue to plague organisations worldwide and acknowledged that the battle is an ongoing one, demanding continuous vigilance and collective effort. Together, organisations can accelerate their anti-ransomware strategies and stand resilient against the ever-evolving threats of the digital age.
He stressed the importance of robust anti-ransomware strategies to protect critical digital assets and reiterated that Check Point Software Technologies stands prepared to offer assistance with its advanced cybersecurity solutions, strengthened by AI and threat intelligence.
Mohit agrees that there is a critical need for proactive measures to safeguard mission-critical applications, services, and infrastructure in an increasingly digital world. These threats are becoming increasingly sophisticated, targeting mission-critical applications, services, and infrastructure.
Merely acknowledging the risks posed by ransomware is not enough, Mohit cautioned that. What’s required are concrete, proactive measures that can thwart attacks and protect digital assets. The significance of educating users and enhancing awareness to reduce vulnerabilities as well as the value of collaboration and information sharing as key components in building a resilient defence strategy cannot be understated.
Mohit encouraged each participant to act as a catalyst for change within their spheres of influence, promptly and effectively applying the knowledge gained to counter the ransomware threat. It is the responsibility of everyone involved in the digital realm to remain vigilant and resolute in their commitment to cybersecurity.
He expressed his optimism about the road ahead. While the challenges posed by ransomware are significant, the knowledge and insights gained at the event would go a long way to equip attendees with the tools and strategies needed to combat these threats.
Mohit concluded with an optimistic note, emphasising that the cybersecurity community’s unwavering determination has prepared them to confront the evolving digital risk landscape. Through collective efforts, he affirmed that a more secure and resilient digital future is not merely a possibility but an achievable goal.
