April 29, 2024
Subscribe
Search
Close this search box.
Linkedin-in Twitter Facebook-f Youtube Instagram
#image_title

9th Annual Singapore OpenGov Leadership Forum 2024, 14 - 15 May 2024 - CLICK HERE FOR DETAILS

We are creating some awesome events for you. Kindly bear with us.

New Zealand Safeguarding Digital Frontiers

Getting your Trinity Audio player ready...

The malicious actor sometimes can exploit vulnerabilities in commonly used technology and software, posing challenges for cybersecurity in any sector and industry. However, organisations can significantly reduce the risk of exploitation by staying vigilant and implementing robust security measures.

One of the critical challenges in cybersecurity is the constant evolution of cyber threats. Malicious actors constantly seek vulnerabilities in software and technology to exploit. These vulnerabilities can exist in any sector or industry, making it crucial for organisations to remain proactive in their cybersecurity efforts.

Collaboration and information sharing among organisations and cybersecurity agencies are crucial in combating cyber threats. By sharing threat intelligence and best practices, the cybersecurity community can work together to identify and mitigate potential threats more effectively.

The National Cyber Security Centre (NCSC) and Computer Emergency Response Team New Zealand (CERT NZ) in collaboration with international partners, have issued a cybersecurity advisory regarding vulnerabilities in one of the global software companies’ Connect Secure and Policy Secure gateways. While these vulnerabilities (CVE-2023-46805, CVE-2024-21887, CVE-2024-22024, and CVE-2024-21893) pose potential risks, the advisory aims to empower organisations to enhance their cybersecurity posture proactively.

Authored by CISA, the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing & Analysis Centre (MS-ISAC), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the Canadian Centre for Cyber Security (Cyber Centre), the advisory provides insights into the observed tactics of cyber threat actors and indicators of compromise to help organisations detect and mitigate potential threats.

Organisations are advised to be vigilant and assume a threat actor could attempt to exploit these vulnerabilities. Organisations can effectively manage these risks and protect their networks by exercising caution and making informed risk decisions.

Rob Pope, Director of CERT NZ, highlighted the importance of staying informed about vulnerabilities and recommended that those in the IT sector sign up for updates from their country’s cyber security agencies. This proactive approach can help organisations stay ahead of potential threats.

To assist organisations in understanding the potential impact of these vulnerabilities, the advisory includes critical findings from tests conducted by CISA from an attacker’s perspective. Additionally, the NCSC-NZ and its partners recommend that software manufacturers incorporate secure-by-design and -default principles into their development practices to reduce the prevalence of vulnerabilities and insecure configurations.

All organisations are encouraged to review the advisory and implement the recommended actions and mitigations, including applying patches and updates provided by that global software company. By taking these proactive measures, organisations can enhance their cybersecurity resilience and mitigate the risk of exploitation.

Until March 2024, New Zealand alone has been proactively taking preventive measures to tackle the cybersecurity of malicious actors. Based on the previous report by OpenGov Asia, New Zealand’s National Cyber Security Centre (NCSC) has collaborated with the Computer Emergency Response Team New Zealand (CERT NZ), along with the support of the United States’ Cybersecurity and Infrastructure Security Agency (CISA) and 15 other prominent global cybersecurity agencies, marks an advancement in cybersecurity. The joint product, aptly named “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software,” is a testament to these organisations’ dedication and collective expertise.

The original product, “Shifting the Balance of Cybersecurity Risk: Secure-By-Design and -Default Principles,” underscored the importance of adopting secure-by-design and secure-by-default practices in software development. It encouraged software manufacturers to prioritise these practices, expecting customer organisations to hold them accountable. This product effectively served as a cybersecurity roadmap for technology manufacturers and their products.

In an era where technology evolves rapidly, digital systems deeply intertwine with daily human life, ensuring software security is paramount. Cyber threats are persistent, but proactive measures and international collaboration can significantly reduce vulnerabilities and mitigate risks. By staying informed and implementing best practices, organisations can safeguard their networks and mitigate the potential impact of cyber-attacks.

 

Recommended Stories

Linkedin-in Twitter Facebook-f Youtube Instagram

© 2024 OpenGov Asia – CIO Network Pte Ltd.

MENU

Linkedin-in Twitter Facebook-f Youtube Instagram

PARTNER

Qlik Website Logo

Qlik

Globe Facebook Twitter Linkedin

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

#image_title

CTC

Globe Facebook Twitter Linkedin Youtube

CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.

PARTNER

#image_title

Planview

Globe Facebook Twitter Linkedin Youtube

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

#image_title

SIRIM

Globe Facebook Twitter Linkedin Youtube

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

#image_title

HashiCorp

Globe Facebook Twitter Linkedin Youtube

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

#image_title

IBM

Globe Facebook Twitter Linkedin Youtube

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.