Exclusive! Modern Hybrid Cloud: How Can Singapore Further Secure Its Dependability and Resilience?

Getting your Trinity Audio player ready...

Singapore’s public sector is increasingly embracing multiple cloud services, as seen in initiatives like the Government on Commercial Cloud, showcasing a concerted effort to modernise digital infrastructure and keep abreast of technological advancements. This adoption of diverse cloud solutions not only boosts operational efficiency but also underscores the sector’s dedication to driving transformation, promoting innovation, and ensuring robust governance.

Positioning Singapore at the forefront of digital innovation, the strategic shift towards a multi-cloud approach signifies an acknowledgement of the crucial role of technological agility in navigating complex digital landscapes and sets a standard for effective governance and future-ready infrastructure.

The transition ensures the development of robust digital systems and allows Singapore to leverage emerging technologies effectively. This proactive stance aligns with the global trend of diversifying cloud strategies to future-proof digital ecosystems in an increasingly volatile, uncertain, complex, and ambiguous (VUCA) landscape.

Despite this progressive momentum, several challenges have emerged due to critical architectural choices made during the early stages of Singapore’s cloud journey. One major challenge is the existence of data silos, which compartmentalise information and hinder its accessibility across the organisation. Such fragmentation impedes efficient data utilisation and collaboration, thus hindering the seamless flow of information necessary for informed decision-making.

Moreover, workflow interruptions arising from incompatible systems and integration issues originating from the early stages of cloud adoption pose a significant hurdle. These disruptions impact operational efficiency, creating bottlenecks within public sector entities and underscoring the importance of strategic and cohesive decision-making in cloud infrastructure evolution.

The complex nature of managing diverse cloud infrastructures in many public sector agencies in Singapore raises security concerns, necessitating robust strategies to safeguard sensitive data amidst evolving digital landscapes.

Simultaneously, the shortage of skilled professionals versed in managing such infrastructures further compounds the challenge, highlighting the critical need for upskilling initiatives to bridge the talent gap and ensure a smooth transition towards a more resilient and secure digital future.

As Singapore’s public sector continues to embrace hybrid cloud solutions, maximising the efficiency of its cloud environment and investments becomes paramount. Enhancing data sharing, automating critical workflows, and implementing unified security protocols can help ensure a resilient cross-cloud hybrid architecture.

These efforts are crucial for facilitating efficient communication and collaboration across various government services and departments, optimising operational processes, and promoting agility in public sector operations.

The OpenGov Event on 2 April 2024 at Voco Orchard Singapore facilitated an in-depth discussion on ways to maximise the efficiency of hybrid cloud environments within the Singaporean public sector. The session brought together experts, policymakers, and industry leaders to exchange ideas and insights on best practices for managing complex cloud infrastructures.

The forum focused on establishing secure data-sharing protocols within hybrid cloud environments, prioritising seamless communication and collaboration across government services to optimise operations through smooth information flow between systems.

Additionally, automation was underscored for efficiency, error reduction, and integrated observability to proactively identify issues and maintain system health, while unified security was highlighted for comprehensive risk management, data safeguarding, and maintaining control over hybrid cloud infrastructure.

The forum served as a valuable platform to chalk out strategies for the Singaporean public sector, with the insights expected to shape future initiatives aimed at enhancing the efficiency and security of cloud infrastructures in the public sector.

Welcome and Opening Address

In today’s fast-changing digital landscape, businesses need scalable IT infrastructure solutions that can adapt to new opportunities and drive sustainability, all while maintaining efficiency and security.

Businesses increasingly favour the cloud for its well-established attributes of flexibility, scalability, and cost-effectiveness, enabling seamless storage and processing of vast data volumes without the limitations of on-premises storage, while also offering robust security features, expert maintenance, and automated backup capabilities.

However, both public and private clouds entail risks; public clouds, while providing choices and cost benefits, pose security concerns for highly sensitive data as they rely on shared hardware owned by third-party providers.

Private clouds offer dedicated and secure access but may lack integrated data capabilities across different cloud platforms for enhanced capacity and performance. Consequently, the emergence of hybrid clouds, now the prevailing business model, bridges this gap by combining the advantages of both public and private clouds.

Elson Chia, Managing Director at Fujitsu Asia Pacific, views the hybrid cloud as a gateway to leveraging a host of solutions. Through Fujitsu’s hybrid cloud, efficient resource allocation is facilitated, leading to optimised performance and cost savings. With its deep expertise in hybrid and multi-cloud solutions, Fujitsu aids businesses in navigating the digital terrain and maximising the benefits of hybrid cloud adoption.

Moreover, Fujitsu provides comprehensive services, platforms, and products to help businesses develop future strategies and build robust cloud environments. This includes evaluating current infrastructure, identifying areas for improvement, and designing a customised cloud strategy that aligns with the organisation’s long-term goals.

“No matter where businesses are on their hybrid cloud journey, with Fujitsu’s global expertise, extensive solutions portfolio, and leading partnerships, we can deliver a unified solution,” emphasises Elson. “Fujitsu’s expertise ensures businesses can leverage the latest technologies and best practices to optimise their cloud environments for efficiency, scalability, and security.”

In addition to strategy development, Fujitsu assists businesses in migrating, transforming, and developing applications across various cloud platforms. This entails evaluating existing applications, identifying the optimal migration or transformation approach, and deploying solutions that minimise disruption while maximising performance.

Fujitsu’s expertise in application development and integration guarantees that businesses can smoothly transition to the cloud, capitalising on its advantages without sacrificing functionality or reliability.

Fujitsu also specialises in securing, managing, and optimising distributed cloud landscapes. This includes implementing robust security measures to protect data and applications, managing cloud resources to ensure optimal performance and cost efficiency, and optimising cloud configurations to meet evolving business needs. Their comprehensive approach to cloud management ensures that businesses can confidently embrace the cloud while minimising risk and maximising value.

Through its PRIMEFLEX portfolio, Fujitsu offers a range of hybrid-enabled converged and hyper-converged infrastructures designed to meet the unique needs of businesses. These solutions combine the benefits of traditional and cloud-based infrastructure, providing the flexibility, scalability, and efficiency businesses need to succeed in today’s digital economy.

Fujitsu works closely with businesses to identify the right mix of products and services to achieve their goals, ensuring they can modernise their infrastructure and move workloads to the cloud with minimal disruption and maximum impact.

Fujitsu uSCALE is a critical component of Fujitsu’s cloud offering, providing economic elasticity that enables businesses to scale their infrastructures up or down as needed. This flexibility allows businesses to respond quickly to changing market conditions, ensuring they can adapt and thrive in today’s fast-paced business environment.

Elson firmly belies that, “By leveraging Fujitsu’s uSCALE technology, businesses can achieve a more efficient way to manage organisational growth and respond faster to market needs, ensuring that they can stay ahead of the competition and achieve their long-term goals.”

Opening Keynote

Mohit Sagar, CEO & Editor-in-Chief at OpenGov Asia, believes that while private and public organisations may have distinct goals and approaches, they encounter common challenges amid today’s rapid technological progress.

One such challenge is the imperative for robust IT infrastructure to handle the increasing volumes of data organisations encounter. This necessity has gained even greater significance in the aftermath of the pandemic, where cloud infrastructure enables seamless remote business operations.

Mohit acknowledges both businesses and governmental institutions recognise the critical significance of maintaining appropriate cloud infrastructure, with cloud computing fundamentally transforming IT systems’ operation and data sharing, especially in its hybrid form.

Hybrid cloud adoption is gaining momentum as organisations acknowledge the advantages of integrating on-premises infrastructure with cloud services. This surge is propelled by the imperative for flexibility, scalability, and cost-efficiency in IT resource management.

Mohit elaborated on the myriad benefits of hybrid cloud solutions, particularly their ability to offer unparalleled flexibility. This flexibility allows organisations to adjust resource levels according to their specific requirements, ensuring optimal cost-effectiveness while meeting their evolving needs. They also bolster business continuity through redundancy and disaster recovery capabilities, ensuring enhanced resilience.

Moreover, hybrid cloud solutions address data security and compliance requirements by securely storing sensitive data on private clouds while utilising public clouds for less sensitive tasks. This approach enables organisations to optimise operational expenses by leveraging public cloud resources for non-essential operations and private clouds for storing mission-critical data, ensuring cost-effectiveness while maintaining data security and integrity.

Furthermore, hybrid cloud solutions facilitate the smooth integration of legacy systems with contemporary applications, optimising workflows and enhancing productivity. By bridging the gap between traditional and cloud-based infrastructure, organisations can leverage the strengths of both environments, ensuring compatibility and smooth operation across diverse IT landscapes.

Governments worldwide are increasingly embracing hybrid cloud solutions to improve user experiences for both the public and their employees, enabling the rapid development of secure and modern services. With many governments already operating applications within a hybrid cloud environment, this approach has become the present and future reality for government cloud infrastructure.

The shift towards cloud-first strategies and the adoption of public clouds is expected to continue, resulting in reduced operational costs, efficient management of data expansion, and access to innovative capabilities, thereby driving further benefits and advancements in government services.

Mohit highlighted Singapore as an example, noting significant growth in the hybrid cloud market within the public sector. This surge is propelled by organisations seeking to harness the benefits of both public and private cloud environments. Factors such as data-intensive applications, remote work trends, agility, cost-efficiency, and scalability are fueling this expansion in the hybrid cloud sector.

Hybrid cloud adoption in Singapore’s public sector enhances operational efficiency by providing flexibility to allocate workloads between public and private cloud environments, optimising resource utilisation. Additionally, using a hybrid cloud enhances resilience in governance, ensuring critical services can continue uninterrupted even in the face of disruptions or challenges, thereby bolstering public trust and confidence in governmental operations.

However, while hybrid cloud deployments offer numerous benefits, they also introduce unique security risks. Organisations must carefully manage the hybrid cloud through robust security strategies, comprehensive risk assessments, and ongoing monitoring and compliance efforts. These efforts are essential to address concerns such as data privacy, increased attack surface, network security, data loss and leakage, integration challenges, and the dynamic nature of cloud environments.

Integrating hybrid cloud solutions presents significant opportunities for organisations to enhance flexibility, scalability, data security, compliance, and operational efficiency. However, it also requires a close examination of security, privacy, and compliance measures to ensure the integrity and protection of sensitive information across diverse cloud environments.

“In today’s rapidly evolving digital landscape,” Mohit concludes, “it’s crucial that we carefully manage security risks while leveraging the benefits of hybrid cloud solutions to achieve our goals more effectively.”

Keynote

Layne Hurst, the Hybrid IT Portfolio Lead, APAC at Fujitsu Asia Pacific, echoed the sentiments shared by Elson and Mohit, emphasising the critical role of hybrid cloud solutions in today’s world.

In this digital age, where businesses and governments are navigating unprecedented challenges, Hurst agrees that adopting hybrid cloud infrastructure is no longer just an option but a necessity.

Layne highlighted the strategic advantage of hybrid cloud solutions, highlighting their ability to integrate existing infrastructure seamlessly and include key benefits like:

Flexibility: Combines the security of on-premises infrastructure with the scalability of public cloud services.

Cost-Efficiency: Optimises workload resources by processing workloads in the most suitable environment.
Data Security: Offers flexibility in securing data and protecting sensitive information.
Scalability: Easily scales operations based on user requirements without significant investment.
Disaster Recovery: Provides flexible backup and recovery options based on data sensitivity.
Innovation: Facilitates innovation with access to cutting-edge tools in the public cloud.
Regulatory Compliance: Helps meet data residency and regulatory requirements.

Delving deeper into the benefits of hybrid cloud solutions, Layne underscored their role in facilitating organisations’ gradual modernisation of applications and infrastructure. By enabling this gradual transition, businesses can effectively adapt to evolving market conditions and customer demands without needing a disruptive complete overhaul. This approach ensures smoother operations and enhances overall agility and responsiveness.

Shifting his focus to the crucial matter of security, Layne emphasised its importance, especially in unprecedented situations. He pointed out the significance of data security and compliance, highlighting hybrid cloud solutions as a well-rounded approach.

These solutions allow organisations to store sensitive data on private clouds while leveraging the scalability and cost-effectiveness of public clouds for less critical operations. This balanced approach ensures that organisations can effectively manage their data security needs without compromising efficiency and cost-effectiveness.

Layne acknowledged the effectiveness of micro-segmentation in enhancing security within hybrid cloud environments. Micro-segmentation involves dividing a network into smaller segments, each with unique security policies and controls. This approach helps isolate and shield critical assets from potential security threats, further enhancing the overall security posture of organisations adopting hybrid cloud solutions.

Layne reaffirmed Fujitsu’s dedication to assisting organisations throughout their digital transformation endeavours. The company provides a platform cloud that facilitates streamlined infrastructure development and management efficiency. This platform cloud, known for its high scalability, empowers organisations to adapt to business growth and evolving requirements with ease.

Layne underscored the significance of scalability for numerous companies in bolstering their competitiveness in the market, underscoring Fujitsu’s role as a pivotal partner in advancing digital transformation initiatives.

Fujitsu remains steadfast in its commitment to sustainability and meeting consumer demands, aligning seamlessly with the earlier discussion on digital transformation. This includes prioritising environmental protection and advocating for ethical business practices, thus reflecting Fujitsu’s dedication to sustainability and social responsibility.

With millennials and Generation Z projected to comprise 70% of the working-age population by 2030, Fujitsu acknowledges the significance of addressing these segments’ preferences and values.

Fujitsu’s hybrid IT technologies enhance business operations and create a secure, trusted foundation for businesses and society. By addressing global concerns like reducing carbon footprints, ensuring welfare and security, and being prepared for natural disasters, businesses can meet the expectations of today’s customers and workforce.

“Fujitsu’s Hybrid IT infrastructure can empower organisational expansion and communities to address societal challenges,” Layne reveals. “Compelling case studies showcase how our offerings have not only facilitated sustainable economic growth but also promoted well-being and environmental sustainability.”

Panel Discussion: Improve the Performance and Reliability of Hybrid Cloud

Mohit Sagar, CEO and Editor-in-Chief at OpenGov Asia, emphasised Singapore’s public sector’s focus on improving performance and reliability within hybrid cloud infrastructure. This commitment underscores the necessity for ongoing innovations such as automation, AI-driven analytics, and edge computing, all aimed at enhancing the efficiency and dependability of hybrid cloud environments.

These solutions not only meet the demands of modern digital services but also play a crucial role in providing superior citizen services that are efficient, secure, and scalable. Observability, which is essential for managing complex systems, is vital for these platforms, helping organisations understand the behaviour and performance of their hybrid cloud environments.

However, implementing observability solutions comes with its own set of challenges.

1. Managing the Volume, Velocity, Variety, and Complexity of Data: With the increasing volume of data generated by modern applications and systems, processing and analysing this data in real-time becomes more difficult. This complexity can result in issues with data quality, making it challenging to derive accurate insights.
2. Dealing with Multiple Tools and Vendors: Organisations often use multiple tools and vendors for observability, leading to tool sprawl and siloed telemetry data. This fragmentation makes it challenging to correlate data and extract meaningful insights into system performance.
3. Identifying Root Causes of Issues: Existing observability tools often need help to provide a clear path to the root cause. This lack of clarity can make it difficult for engineers to determine the underlying cause of problems, resulting in guesswork and inefficient troubleshooting.
4. Skill Set Shortages: Implementing and maintaining observability solutions requires specialised skills and knowledge. Many organisations need help finding and retaining skilled professionals, which can impede their ability to use observability tools effectively.

To address these challenges, Jason Nai, Partner Cloud Evangelist, APAC at Dynatrace, suggests that organisations should consider implementing a unified observability tool that consolidates insights onto a single dashboard. Additionally, investing in training for staff to enhance their observability skills can be beneficial.

Organisations should also focus on improving data quality by establishing guidelines for applications and services to produce structured and meaningful logs and telemetry. Storing this data in a reliable platform can provide insights into performance and system behaviours.

As a leading provider of comprehensive observability and security solutions, explains Jason, Dynatrace offers a platform encompassing the entire AI stack, including hardware, foundational models, semantic caches, and orchestration frameworks. The platform’s AI-driven capabilities enable organisations to automate DevSecOps at scale, provide accurate insights, and empower teams to address issues before they impact end-users proactively.

Amit Dalal, Enterprise & Commercial Sales Director at Hewlett Packard Enterprise, acknowledges the pivotal role of a proficient workforce in executing a comprehensive sustainability strategy. With the evolving observability landscape, maintaining a well-trained workforce becomes imperative for adeptly handling and analysing the extensive data streams produced by contemporary systems and applications. Thus, prioritising staff training to enhance observability skills becomes essential.

Amit underscores the importance of embracing a comprehensive approach that encompasses essential elements in unlocking the full potential of a sustainable IT strategy.

Among these factors, recognising the inherent sustainability advantages of public cloud infrastructure over on-premises solutions stands out. This recognition can guide decision-making, prompting the adoption of environmentally conscious solutions and practices within IT operations.

Another crucial aspect is extending the lifespan of technology assets. By keeping technology in use for as long as possible, organisations can reduce electronic waste and minimise the environmental footprint associated with the production and disposal of IT equipment. Implementing practices such as refurbishing, upgrading, and repurposing IT assets can significantly contribute to sustainability efforts.

Organisations can contribute to a more sustainable future by incorporating renewable energy sources and energy-efficient technologies into their operations. Leveraging advancements in renewable energy and grid efficiency further enhances the sustainability of IT operations. Strategic decisions, such as waiting for the grid to become more efficient before implementing specific IT initiatives, can align with broader sustainability goals.

Lastly, it’s essential to recognise that sustainability is not solely an environmental concern but also a business imperative. Integrating sustainability principles into IT strategy can result in tangible benefits for organisations, including cost savings, improved brand reputation, and increased long-term viability.

“By aligning sustainability goals with business objectives, organisations can create a more sustainable and resilient IT infrastructure that supports their overall success,” Amit believes.

Nicholas Chia, an Automation Platform Specialist at Red Hat, delved into the concept of AI washing, which pertains to companies misleadingly portraying their utilisation or development of artificial intelligence systems through false or exaggerated claims.

In a landscape where AI washing is prevalent, it is crucial to scrutinise how software vendors navigate automation. Examining the approach of these vendors to automation within this context offers valuable insights into the integrity and effectiveness of their offerings.

Some software vendors have garnered praise for their commitment to rendering automation accessible and meaningful, eschewing the pitfalls of AI washing. This dedication ensures that their automation solutions genuinely deliver value rather than serving as mere marketing ploys.

By emphasising the practicality and usability of their automation tools, these vendors foster trust with their clientele and distinguish themselves from competitors who may resort to AI washing tactics.

“However, there is uncertainty about the stance of most software vendors on AI washing and its impact on automation,” is Nicholas’ caveat. “Some vendors may be unaware of the concept of AI washing or may not fully understand its implications for their automation strategies. This lack of clarity can confuse customers and hinder the adoption of automation solutions that genuinely improve efficiency and productivity.”

Another school of thought is that most software vendors are simply adding AI to their offerings without addressing the core issues of automation. This perspective suggests that some vendors may focus on capitalising on AI hype rather than delivering practical and effective automation solutions. Such an approach can undermine the credibility of automation technologies and hinder their widespread adoption.

The approach of software vendors to automation in the context of AI washing varies. While some vendors are praised for their commitment to meaningful automation, others may need to be more transparent or focused on superficial enhancements. It is essential for organisations to carefully evaluate automation solutions and choose vendors that prioritise integrity, usability, and genuine value.

Daniel Ng, Solution Lead, Technology Workflows at ServiceNow, noted that AI and machine learning will play an essential role in the future of hybrid cloud management. “These technologies have the potential to revolutionise cloud management by automating many tasks currently performed manually.”

Daniel highlighted the myriad ways in which these technologies hold promise for enhancing cloud operations. He underscored the potential benefits stemming from advancements in AI and ML, including:

Intelligent Automation: AI and ML can automate repetitive tasks such as data cleaning, transformation, and modelling, allowing employees to focus on more strategic initiatives.

Cognitive Computing: By analysing large volumes of data, AI and ML can provide insights that may not be readily available through traditional methods, helping organisations make better decisions.

Burst Processing: Cloud services enable scaling virtual machines or applications up and down based on demand, which is particularly useful for high-intensity, low-duration AI and ML workloads.

Edge Processing: Edge computing brings data centre resources closer to the user or data source, reducing latency and improving performance for AI and ML workloads sensitive to read/write and web packet latency fluctuations.

Pre-Trained Models: Cloud-native AI and ML can utilise pre-trained models to enhance accessibility and simplify data governance by eliminating data siloes.

AI Ops and ML Ops: AI and ML can automate the remediation of low-level service requests in IT operations, reducing administrative workloads for IT departments and enabling continuous monitoring.

Cost Optimisation: AI and ML can predict cloud usage patterns and automate resource allocation, helping organisations maximise their cloud spend and eliminate waste.

Nevertheless, for successful implementation of AI and ML in cloud management, he advocates that organisations should adhere to a four-phase strategy:

1. Perform an Assessment: Evaluate the challenges your team is facing and determine if AI can help address them.
2. Define Objectives and KPIs: Establish clear goals and measurable metrics to define success.
3. Select the Right Services and Tools: Choose AI-enabled cloud management or cost optimisation tools that align with your requirements.
4. Monitor and Refine Processes: Improve your cloud management practices, mainly reporting and alerting, to enhance efficiency and effectiveness.

“AI and machine learning will play a transformative role in the future of hybrid cloud management,” Daniel is convinced. “These technologies have the potential to revolutionise how organisations manage their cloud operations, offering a wide range of benefits and capabilities.”

Daniel shares that ServiceNow, a cloud computing platform, integrates AI and machine learning (ML) capabilities to enhance IT service management and operations. These technologies are embedded within ServiceNow’s IT Operations Management (ITOM) and Predictive AIOps Solution, which automate IT operations and provide real-time insights.

The ServiceNow ITOM Predictive AIOps Solution utilises AI and ML algorithms to:

Automate IT operations: This reduces the need for manual intervention, allowing organisations to focus on strategic initiatives rather than day-to-day IT operations.

Provide real-time insights: The solution helps organisations identify potential issues and take corrective action before they impact business operations by monitoring IT infrastructure performance.

Predict and prevent outages: The solution can detect and prevent outages before they occur, reducing downtime and improving system availability.

Enhance security: It can identify and mitigate security threats before they impact business operations, ensuring the IT infrastructure is secure and compliant.

Offer predictive analytics: The solution enables organisations to anticipate future IT issues and plan accordingly, improving overall IT management.

“Ultimately, ServiceNow’s AI and ML technologies are geared towards streamlining IT operations, enhancing efficiency, and fortifying IT infrastructure to be reliable, efficient, and secure,” Daniel asserts. “By harnessing these technologies, organisations can remain at the forefront of the technological curve, ensuring a competitive edge in today’s rapidly evolving business landscape.”

Panel Discussion II: Secure Hybrid Cloud Infrastructure and Build Resiliency

Mohit Sagar, CEO and Editor-in-Chief at OpenGov Asia, underscores the significance of cyber threat detection in today’s digital landscape. He emphasises the necessity for organisations to proactively address cyber threats by deploying advanced technologies and strategic measures.

In the context of hybrid cloud solutions, cybersecurity is a critical concern. Hybrid cloud environments combine on-premises infrastructure with cloud services, which can create complex security challenges. Organisations must ensure their hybrid cloud solutions are secure and compliant with data protection regulations.

Tan Mui Cheng, Deputy Head of Service Delivery, ASEAN & India at Fujitsu Asia Pacific, outlined Fujitsu’s approach to addressing cyberattacks within hybrid cloud environments. Facing several notable security threats, including data theft, Mui Cheng emphasised the risks associated with unauthorised access, vulnerability exploitation, and insider threats.

Data theft poses significant consequences, including the loss of sensitive information such as customer data and intellectual property, potentially resulting in financial losses, reputational harm, and regulatory repercussions.

In addition to data theft, phishing and social engineering attacks pose another critical security threat for Fujitsu within hybrid cloud environments. These nefarious tactics target individuals within the organisation, deceiving them into disclosing sensitive information or unwittingly downloading malware.

Given their fraudulent nature and reliance on psychological manipulation to exploit human vulnerabilities, phishing attacks can be particularly effective, necessitating robust defence mechanisms to mitigate the risks.

Phisings are also challenging to detect, as they often mimic legitimate communications and appear to come from trusted sources within the organisation. This makes phishing a significant concern for Fujitsu’s security posture, as a successful phishing attack can compromise sensitive data, unauthorised access to systems, and financial losses.

Additionally, Mui Cheng highlighted ransomware as a significant threat to Fujitsu within hybrid cloud environments. Ransomware attacks entail the use of malicious software to encrypt data or systems, demanding payment for decryption. These attacks have the potential to disrupt operations, lead to data loss, and incur financial losses if the ransom is paid.

Additionally, denial-of-service (DoS) attacks significantly threaten Fujitsu’s hybrid cloud environments. These attacks aim to overwhelm a system or network with traffic, causing it to become unavailable to legitimate users. DoS attacks can disrupt operations, degrade performance, and result in financial losses for Fujitsu.

Mui Cheng shared that Fujitsu has implemented comprehensive, robust security measures to protect against the diverse threats in its hybrid cloud environments. She mentioned that this includes implementing strong access controls and ensuring that only authorised personnel have access to sensitive data and systems.

Lau Boon Peng, Senior Director of Sales Engineering, APAC & EMEA at Menlo Security, underscores the vulnerability of everyday browsers to cyberattacks, stressing the imperative for organisations to prioritise browser security within their overarching cybersecurity frameworks.

Given that browsers serve as the primary entry point to search engines, websites, and a plethora of online services, including e-commerce and social media, they have emerged as prime targets for cybercriminals aiming to exploit vulnerabilities and target end-users.

Boon Peng explained that browsers act as bridges between users and the web, processing requests and sending them to appropriate servers through Domain Name System (DNS) lookups and finding IP addresses. These requests are transmitted over Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS). Browsers then translate, render, and load content, such as CSS styling scripts, JavaScript, files, text, and images, into web pages and online functions.

In the realm of user interface (UI), browsers typically encompass a landing page, an address bar, bookmarks, buttons, tabs, and an array of additional elements, complemented by shortcut links to websites and services. Recognising the escalating frequency of data breaches and cybersecurity incidents, a multitude of browser developers are presently concentrating on the integration of functions and features geared towards fortifying privacy and security.

Privacy and security-focused browsers often feature robust cookie management, anti-tracking capabilities, VPNs, encryption, and transparent privacy policies. They may also use open-source code to allow third parties to conduct security audits freely.

Boon Peng highlighted his preference for a certain popular browser for its reliability and efficiency in ensuring security. However, he remains receptive to exploring alternative secure browser options that provide enhanced features or better suit his particular needs, such as those offered by various other providers.

When selecting a secure browser, Boon Peng advised considering privacy, security, speed, and compatibility with devices and applications. Keeping the browser updated with the latest security patches and features is crucial.

In terms of browser extensions, Boon Peng advises utilising tools such as password managers, script blockers, and ad blockers to bolster security and enhance the browsing experience. He notes that certain browsers boast extensive add-on libraries, with some even supporting extensions from other popular browsers.

Boon Peng emphasises the necessity of keeping both extensions and the browser up to date, configuring privacy settings appropriately, and opting for browsers compatible across various operating systems to ensure secure web browsing practices.

Dominic Cheah, Director of Technical Solutions Engineering, ASEAN at Tanium, delved into various security threats that warrant attention.

Software supply chain vulnerabilities, such as the recent log4j and OpenSSL vulnerabilities, pose a significant risk. Attackers can exploit these vulnerabilities to gain unauthorised access to systems or execute malicious code, potentially leading to data breaches or other security incidents.

Critical operating system (OS) vulnerabilities are another concern. Attackers can exploit these vulnerabilities to gain unauthorised access to systems, compromise data, or disrupt operations. It is vital for organisations to promptly apply security patches and updates to mitigate the risk of exploitation.

Insider threats involving malicious or negligent actions by individuals within an organisation are also a significant concern. Insider threats can result in data breaches, fraud, or other security incidents. Organisations should implement appropriate security measures, such as access controls and monitoring, to detect and mitigate insider threats.

Quantum cryptography, while still an emerging technology, is a potential future threat. Quantum computers have the potential to break current cryptographic algorithms, rendering existing encryption methods ineffective. Organisations should monitor quantum computing and cryptography developments and be prepared to adopt quantum-resistant encryption methods when necessary.

“It is crucial for organisations to remain vigilant and proactive in addressing these security threats,” insists Dominic. “By implementing robust security measures, such as regular software updates, employee training on cybersecurity best practices, and encryption technologies, organisations can significantly reduce their risk of falling victim to these threats.”

Additionally, organisations should consider adopting a Zero Trust security model, which assumes threats exist inside and outside the network. This approach emphasises the need to verify and authenticate all users and devices attempting to access the network, regardless of location.

Regular security audits and penetration testing can help identify and address the organisation’s security posture vulnerabilities. By staying informed about the latest security trends and technologies, organisations can better protect themselves against evolving threats and ensure the security of their corporate access, even in a BYOD environment.

Kavier Koo, Lead System Engineer, South-East Asia at RSA Security, echoes Dominic’s sentiments. He stressed the importance of implementing Bring Your Own Device (BYOD) policies as a crucial consideration for organisations aiming to bolster security.

While implementing BYOD policies presents both opportunities and challenges for businesses, Kavier believes that adopting a strategic approach to identifying and managing BYOD risks can allow organisations to harness its benefits without substantially heightening security vulnerabilities.

A comprehensive BYOD security policy is essential in today’s workplace, where employees often bring their smartphones, tablets, or laptops. Unlike in the past, when employees exclusively used company-provided devices, the prevalence of personal internet-connected devices means there is a more significant potential for employees to inadvertently introduce security threats to the organisation.

Given the substantial organisational challenges and risks associated with implementing a BYOD policy, Kavier offers crucial considerations for its implementation:

1. Security Risks: BYOD introduces various security risks, including data theft, malware, and unauthorised access to sensitive information.
2. Lack of Uniformity: Managing devices with different operating systems and software can be challenging, making it difficult to enforce security policies consistently.
3. Compliance Enforcement: Ensuring compliance with data protection and privacy laws can be complex, especially in industries with strict regulations.
4. Mobile Management: Effective mobile device management is crucial to ensure devices are secure, up-to-date, and properly configured.
5. Device Loss or Theft: The risk of data loss increases if an employee loses or has their device stolen.
6. Improper Mobile Management: Employees may introduce unapproved applications or only apply security patches with proper management.
7. Insufficient Employee Training: Employees may need to be fully aware of the security risks associated with using personal devices for work, leading to inadequate security practices.

The security challenges linked with BYOD remain a shared concern for businesses of all sizes, ranging from large enterprises to small and medium-sized businesses (SMBs). This stems from the necessity for companies to exert some degree of control over smartphones, tablets, and laptops that are not owned by the organisation but are instead personal devices owned by employees.

As BYOD has become more prevalent and awareness of associated security risks has increased, the adoption and acceptance of BYOD security policies have grown among companies and their employees.

A BYOD security policy is imperative for upholding company security in a personal device environment. Kavier recommends incorporating several key elements into a BYOD policy:

1. Acceptable use defines which applications and assets employees can access from their devices.
2. Minimum required security controls for devices.
3. Company-provided components, such as SSL certificates for device authentication.
4. Company rights for altering the device, such as remote wiping for lost or stolen devices.

Kavier believes that a comprehensive BYOD policy should clarify ownership of apps and data, specify permitted and prohibited applications, and address reimbursement for device use. Additionally, the policy should outline security requirements for BYOD devices, such as whether the company will provide a mandatory mobile device security application or allow employees to choose their security solutions.

Kavier also underscored the importance of addressing employee exits as another critical consideration and the guidelines for the handling of company data on employees’ devices upon their departure. Clear policies should be established, including procedures for the IT department to wipe the employee’s device.

“Implementing BYOD policies presents opportunities and challenges for organisations,” Kavier ends. “But with a strategic approach to managing risks, we can harness its benefits without compromising security.”

Closing Remarks

Ivan Lee, who serves as Sales Director at Fujitsu Asia Pacific expressed heartfelt gratitude to all participants, panellists, and sponsors of the OpenGov Event, highlighting the invaluable experiences shared and insights gained during the discussions.

The active engagement and enthusiasm displayed by all participants at the event were commendable, as they contributed valuable insights to the discussions and presentations.

The lively interactions and thoughtful questions further enriched the experience, inspiring everyone with a shared dedication to advancing digital knowledge and collaboration. This commitment to learning and sharing greatly enhanced the event’s success, fostering a vibrant atmosphere of collaboration and knowledge exchange.

“This event not only provided a platform for sharing the latest knowledge and best practices in digital transformation but also strengthened professional networks and cross-sector collaboration,” Ivan was delighted to note.

In recapping the discussion, Mohit reiterated the significance of hybrid cloud environments, echoing sentiments shared by the panellists. He recognises the hybrid cloud’s pivotal role in seamlessly integrating private and public clouds to amplify organisational advantages. He believes that this integration offers unparalleled flexibility, scalability, and cost-efficiency by facilitating the fluid movement of workloads between private and public clouds in response to evolving demands.

It’s crucial to understand that adopting hybrid cloud environments goes beyond mere technological advancement; it’s a strategic initiative aimed at driving business excellence. However, organisations must ensure that their hybrid cloud strategies align with their specific requirements and overarching business objectives.

This alignment, Mohit emphasised, enables organisations to leverage the full potential of hybrid cloud environments, optimising operational efficiencies, enhancing agility, and achieving substantial cost savings.

To effectively manage a hybrid cloud environment, organisations must prioritise robust cloud management solutions and align comprehensive hybrid cloud strategies with their business objectives. This approach is essential for overcoming the unique challenges associated with a hybrid cloud, including ensuring data security, regulatory compliance, and optimising performance across diverse cloud platforms.

By adopting strategic approaches that mitigate risks and drive enhanced operational efficiency and innovation in the digital landscape, organisations can fully leverage the potential of hybrid cloud environments to drive business excellence.

“As we reflect on the significance of hybrid cloud environments and the strategic imperative they represent for driving business excellence, let us remain committed to leveraging the full potential of these technologies to advance innovation and progress in the public sector,” Mohit concludes. “I am confident that our continued collaboration will pave the way for a brighter future, marked by enhanced efficiency, agility and success.”