In the light of the pandemic and remote working becoming the new norm, the cybersecurity landscape has changed dramatically. Especially in the essential services industries like healthcare, governments, telecom, etc. that did not get any respite during the last few months. In fact, agencies and organisations in these sectors were working increasingly and incessantly to ensure the well-being of citizens/consumers.
Due to the increased pressure on these services and remote working, these organisations and industries have become an easy target for bad actors in cyberspace. Therefore, constant monitoring and quick recovery from these attacks is the urgent need of the hour. Understanding the sensitivity of this topic OpenGov Asia organized a second of the Virtual breakfast insight series in collaboration with Kaspersky on 14 August 2020: Intelligence Driven Modern SOC: A Future-ready Outfit.
In this exclusive session, delegates who participated came from a wide range of public sector industries in Thailand. They were eager to better understand how the Thai government is planning to deal with the heightened cybersecurity risk.
Empower the workforce to thrive during these times
The event was opened by Mohit Sagar who highlighted the fact that the pandemic made us all re-think our position as individuals and organizations.
In the past few months, hacking and phishing attacks have become more prevalent than before. Compounded with the compulsion of remote working, people and organisations have been exposed to several vulnerabilities.
He emphasised that quick-response to attacks and constant surveillance of the organizational cyberspace with a Security Operations Centre within the organization is almost a necessity to operate effectively during these tough times.
He concluded his presentation by stressing that in order to thrive in these times, organisations need to empower their workforce with the right knowledge and resources and collaborate with partners who champion cybersecurity.
Cyber defense as critical as Cyber innovation
After Mohit, Genie Gan, Head of Public Affairs and Government relations APAC for Kaspersky. She began by stressing the crucial role that governments play in times of crisis.
Furthering the points highlighted by Mohit, Genie shared her observations of how the bad actors are capitalising on the chaos.
She shared interesting facts about the security threat landscape in Thailand during the last few months. Her data showed that 6,067,924 web threats were blocked in Thailand from January to June 2020. Around 85,384 ransomware samples were detected by the Kaspersky solution in Thailand at the same time.
It was astonishing to know that more than 2-in-10 Thai Users were almost infected by web threats.
Keeping in mind the state of affairs in the Thai cybersecurity landscape, Genie emphasised that digital defense is as critical as digital innovation for any government that is aiming to digitally transform the nation.
She concluded by sharing a four-pronged approach to addressing cyber threats and validated each point with an example/ success story from the APAC region. They are as follows:
- Threat Information Sharing
- Engaging the community through public-private partnerships
- Investing in education and creating awareness
- Promoting transparency
After Genie’s insightful presentation Dr. John Kan, Chief Information Officer at the Agency for Science and Technology research shared his thoughts and perspectives on the issue at hand.
What you do during a threat incident is as important as planning for it in advance
Dr. Kan began by sharing the basic operating principles of SOC at his organisation. He shared the 4 stages of the ICT and Data incident Management process which include:
1) Pre-incident preparation
2) Detection and Analysis
3) Response and Remediation
4) Post-incident Enquiry
He then elaborated on the response plan in case of an IT security incident as he shared that no matter how much you prepare for an incident what you do in the advent of a real threat is very critical. He also elaborated on each of the steps involved in the response plan I.e. identification, containment, investigation, and recovery.
Since incident management is so critical to running smooth operations, he also shared some tips to enhance readiness in the process. These tips include:
- Form an incident management team
- Establish an incident management process
- Be conversant with the process
- Conduct incident management exercises
- Empower your team
- Stay relevant
He concluded by pointing 4 success factors that need to be perfected in order for an organisation to operate in a fully safe and secure environment.
- Keeping people informed and educated
- Having a well-defined incident response framework
- Upskilling and Reskilling in SOC
- Having Cyber insurance
After John Kan’s powerful presentation, the session became more interactive through the polling questions with the delegates sharing their personal insights and comments.
On the first question of what your primary IT security spending is for, the majority of the audience voted for SOC technologies (SIEM, Threat Intelligence, SOAR) (47%).
On this, a senior director IT security from a public organisation shared that he voted for the above option as his organisation is heavily investing in it mainly due to legacy reasons. But he also shared that people are still the weakest link in the security framework and need investment.
On the next question of how you stay ahead of the latest security updates and threats, our audience was split between, from vendors as part of product acquisitions (43%) and from threats intelligence reports subscription (47%).
A senior IT executive from another government agency shared that in his opinion getting updates from the vendors is the fastest and most effective way of getting updates as they are experts.
On the final question of how you plan to prevent cybersecurity attacks, our delegates voted for: engage security assessment services (42%).
Another delegate from a government agency shared that if she voted for security assessment services as if an organization is starting off in this direction, this is a good step as it is easy to propose and initiate.
The polling results from the healthcare session being displayed simultaneously were good eye-openers for our delegates.
After the polling session, Victor Chu, Head of System Engineering, SEA- Enterprise Cybersecurity from Kaspersky came forward to close the session. He shared some insights about Kaspersky threat intelligence and the kinds of threats that have been prevalent over the period of the last 4 months. He also briefly highlighted the needs of threat intelligence and how Kaspersky can help provide those solutions.
Our delegates took away valuable information around the current cybersecurity landscape and the solutions to protect them.
The Singapore University of Technology and Design (SUTD) and Tecnológico de Monterrey (Tec) through its Institute for the Future of Education, signed a research collaboration agreement to improve the cyber-physical learning of students and teachers in Singapore and Mexico.
The three-year agreement will see the two parties share practices and experiences in the configuration and usage of cyber-physical learning infrastructure to create new opportunities for educational innovation and research, resulting in new pathways for the future of education.
The SUTD-Tec’s Institute for the Future of Education agreement will foster the exchange and sharing of practices of cyber-physical learning and evaluation of the effectiveness of associated educational delivery models. Both parties will conduct joint experiments involving students and instructors to explore domains such as technology-enabled learning, translational pedagogical innovations, learning analytics, and personalised and engaging learning.
This research collaboration will have its focus on the SUTD campusX initiative, which focuses on the needs and experiences of students and instructors using data analytics and learning sciences with the purpose of creating a safe, inclusive, and enjoyable space for students to learn, interact and optimise their learning outcomes.
With regards to the campusX and its impact on the future of education, SUTD’s Provost stated that both Tec and SUTD share a common vision of cyber-physical learning, with similar interests and understanding of the challenges in areas of applying human-centric technology and design to the practice of pedagogy and andragogy in actual higher learning environments. This forms a strong basis on which many more projects can be conducted between Tec and SUTD. The current research collaboration is an important start and SUTD looks forward to furthering the partnership with Tec in years to come.
He noted that, similarly, SUTD also looks forward to working with more like-minded partners across academia and industry and from local and global landscapes to make cyber-physical learning a reality.
Speaking about the research collaboration between the two renowned higher education institutions, the Rector for Higher Education of Tecnológico de Monterrey expressed his satisfaction with the signing of the agreement and said that to advance in current-day education challenges and design the future of education, collaboration is key.
He noted that Tec has pioneered educational innovation in Mexico and Latin America, and they aim to expand their projects and initiatives to have an increasingly global relationship and impact. An initiative aimed at strengthening links with Asia is being developed; these collaborations with them will extend to the areas of research, education, and technology.
Furthermore, the Executive Director of the Institute for the Future of Education of Tecnológico de Monterrey emphasised the importance of this kind of agreement between both universities. He noted that conducting joint experiments to evaluate innovative cross-border educational models will be key to developing effective cyber-physical learning environments.
The collaborative project with SUTD’s campusX initiative will increase learning opportunities for global higher education audiences, capitalising on the intercultural exchanges between Singaporean and Mexican students and professors, and developing best practices with an international perspective, he added.
The research activities framed in this agreement are slated to begin in the first quarter of 2023 and the experimental and simulated learning environment trials will result in the identification of best practices in digital education delivery models supported by effective cyber-physical technology platforms.
The Indian Institute of Technology, Madras (IIT-Madras) has launched an online masters in technology (MTech) course for working professionals, allowing candidates to pursue the educational qualification while working. According to a statement, the tailor-made online programme for qualified engineers is gaining popularity and over 600 working professionals have already enrolled for the three-year course.
The MTech degree includes programmes on communications, VLSI and analog circuits, microelectronics, multimedia signal processing, software security, automotive engineering, mechanical design, interdisciplinary programmes in quantum technology, and data sciences.
IIT-Madras is the first IIT to offer an MTech course in a distance learning mode through its Centre for Continuing Education. “The students of this programme have the same rights and privileges as regular students. The working professionals can carry out the project work at their workplaces. They do not need any residency as compared to sponsored candidates,” a representative from the IIT-Madras said. From only 14 candidates in 2020, the number has shot up to 605 this year.
IIT-Madras faculty, teachers from other premier academic institutions, and eminent industry professionals will be conducting the classes. Apart from online classes, which are held in the evening, students will also have live interaction with their faculty members. Students will give exams in the same city as their offices. In terms of the evaluation method, a problem statement will be evaluated and approved by IIT-Madras faculty. A mentor will guide the student at their workplace. The student’s progress will be jointly evaluated by faculty from IIT-Madras and the mentor. The faculty member will approve the problem statement and review the progress.
In September, IIT-Madras launched an industry-oriented Online Certificate Programme on e-mobility for working professionals. Four out of the nine modules in the programme are delivered by industry professionals. The programme was conceived with inputs from industry experts and would be continuously upgraded based on technology trends, market trends, and industry needs, the Institute noted.
The course is offered through IIT-Madras’ Centre for Outreach and Digital Education (CODE). It provides an overview of the e-mobility ecosystem and fundamentals in technical areas like vehicle development, power electronics, battery engineering, thermal management, power trains, and EMI/ EMC, among others. The programme contains 120 hours of video classes and 40 hours of online contact classes with the faculty. The candidates need to complete regular assignments and a final evaluation, after which they will receive a certificate. The first cohort started at the beginning of October.
In November, the Institute partnered with United States-based Purdue University to jointly develop a dual-degree programme in semiconductors. As OpenGov Asia reported, the programme focuses on an innovative, cooperatively developed curriculum to meet the growing needs of the industry. Undergraduate students with strong academic credentials and a deep interest in semiconductor devices, chip fabrication, and circuits and systems will be considered. The programme will enable a quick ramp-up of skilled talent, preparing the next generation of the semiconductor workforce. The partnership would also entail research collaboration in semiconductor supply-chain management, chip design, packaging, system architecture, and advanced manufacturing methods
Australia’s national science agency, CSIRO, recently revealed details of an AU$15 million project to develop a national soil information system, aimed at improving the sustainable management of one of the nation’s most precious assets.
Supporting the National Soil Strategy, and funded by the Australian Government’s Department of Agriculture, Fisheries and Forestry, the Australian National Soil Information System (ANSIS) project is a collaboration between the government, research organisations, industry, the private sector and the community.
Using innovative processes and technologies, ANSIS will allow improved sharing of nationally consistent soil data and information through online access for users. This will help Australians to better understand their nation’s diverse range of soils and make better decisions about managing our important soil resources. Currently, soil data is collected using different methods, by different organisations, and at a range of depths in the soil. This makes it hard to access, compare and use data from diverse sources.
The Project Lead at CSIRO stated that improving access to the best soil data and information can help promote digital agriculture innovation and is key to sustainably managing Australia’s soils. By using ANSIS, farmers and agricultural advisors will have access to more soil data and be better placed to more sustainably manage the soil on which they rely.
Soil is vital to agricultural production and natural environments, as well as health and well-being. This information system will help everyone care for this important natural resource. Productive, healthy, and resilient soil means more economic, environmental, and social benefits to Australia. Monitoring soil also helps scientific understanding of how the natural world is changing.
This work will provide insight into biodiversity, water resources, landscapes and coastlines, fauna, climate, and geology. By harmonising Australia’s soil data, we can make it accessible across many fields of science and exploration. The project is being delivered under the Federal Government’s National Soil Strategy, which is about prioritising soil health, empowering soil innovation and stewards, and strengthening soil knowledge and capability. The new ANSIS system will be available for use in 2023.
ANSIS will provide improved access to nationally consistent soil data and information needed to help sustainably manage Australian soil. ANSIS will provide:
- More soil data
- More data sets are available that in other soil systems
- Enables more certainty in products developed
- Opportunity to develop new products
- Improved access
- Multiple data sets are now discoverable and accessible
- National coverage
- Most up-to-date data available
- Efficient provision
- Organised and standardised data for immediate use
- Can feed into many users’ requirements
- Consistent delivery
- Substantial reduction in time to prepare information products
- Trusted location
- Certainty that data is from an authoritative source, verified and satisfies standards.
The country has established the Indonesian Aviation Sector Computer Security Incident Response Team (IAS-CSIRT) to strengthen cybersecurity. The team will report to the Ministry of Transportation’s Director General of Air Transportation.
To anticipate system vulnerabilities, identify opportunities for bad actors to exploit, and reduce the risk of cyber incident threats, the aviation sector required a dedicated cybersecurity team. The CSIRT will regularly publish information on vulnerabilities, security, and new technology trends. The team is also prepared to face various escalating challenges. Members of the CSIRT will be trained through cyber drills and workshops.
The team is in charge of receiving, reviewing, and responding to cyber incident reports and activities with the function of providing reactive services by performing incident coordination, incident triage, and incident resolution.
During the IAS-CSIRT inaugural speech, the Deputy for Cybersecurity and Economic Cryptography of the National Cyber and Crypto Agency (BSSN), Markos, said that the aviation industry increasingly relies on digital technology for flight operations, ground services, communications navigation and surveillance, airport infrastructure, air traffic management, and supply chain.
Therefore, cybercrime prevention and management are crucial for many parties, including aviation service providers. F. Budi Prayitno, the Director of Aviation Security at the Ministry of Transportation, outlined the importance of cyber defence since cybercrime has resulted in considerable losses across sectors. “Effective cyber-crime prevention and management necessitate the collaboration of various cyber security stakeholders who already have a CSIRT,” said Budi. The BSSN contributed to the formation of the IAS-CSIRT.
Markos hopes that the IAS-CSIRT will be able to collaborate, synergise, and share information with various stakeholders and other cybersecurity constituencies in Indonesia, particularly in the handling and recovery of cyber incidents.
BSSN wants other sectors to form a CSIRT as well. The IAS-CSIRT was established for the first time (IIV) following the issuance of Presidential Regulation 82 of 2022 concerning the Protection of Vital Information Infrastructure. Sector IIV prioritises the CSIRT because it manages various strategic information assets related to community survival, national stability, and sovereignty.
Before the inauguration, BSSN signed a memorandum of understanding (MoU) and cooperation agreement with state-owned Aviasi Wisata Indonesia (InJourney Group) to support the tourism industry. In addition, cooperation on information protection and electronic transactions intends to improve the quality of information protection and electronic commerce.
The agreement’s scope includes information and communication technology security, the use of electronic certificates to improve electronic transaction security, the improvement and development of human resources, the exchange of information, and cybersecurity campaigns and literacy.
At the signing ceremony, the Head of the National Cyber and Crypto Agency (BSSN), Hinsa Siburian, emphasised the importance of synergy and collaboration to recover the Indonesian aviation and tourism industry through a reliable and safe digital transformation.
Furthermore, between January and November 2022, BSSN detected over 1.14 million traffic anomalies across all InJourney Group assets. BSSN said the most anomalies were discovered in August, with 235,742 events.
The collaboration is expected to make digital information transactions and exchanges more secure and leak-proof. The rapid advancement of digital technology presents an opportunity for Injourney to gain trust and confidence in the Indonesian tourism industry. However, as a result, it must be balanced with maximum data, information, and electronic transaction security.
China Provincial Development and Reform Commission announced the list of the second batch of digital transformation promotion centres in Liaoning Province. There are 13 additional provincial-level digital transformation promotion centres to help small and medium-sized enterprises improve transformation capabilities, reduce transformation costs, and shorten transformation cycles. There are currently 29 digital transformation promotion centres in the province, in addition to the previously announced first batch of lists.
The centres will assist the government in promoting digital construction in Liaoning and cultivating a digital transformation ecology. The programme is under the construction of the second batch of digital transformation promotion centres in Liaoning Province according to the Provincial Development and Reform Commission. The listed enterprises in this programme are based on self-declaration and recommendations from provincial and municipal departments. Experts then review the voluntary requests before being finalised and publicised.
According to the Provincial Development and Reform Commission, the digital transformation promotion centre should fully integrate resources to assist small and medium-sized enterprises.
The province government will provide transformation tools, products, technologies, and customised solutions to support business digital transformation and development. The centre promotes traditional businesses, internet platform enterprises, industry platform enterprises and financial institutions.
The government also promotes collaborative innovation in industries, education, medical care, employment, elderly care, and other fields. Companies participating in the programme will use the projects as a starting point to develop digital technology application scenarios. Participants in the programme are also permitted to complete personnel training with universities and colleges and vocational training and education.
The Provincial Development and Reform Commission will regularly evaluate provincial-level digital transformation promotion centres. The results will be used to recommend applicants for national-level digital transformation promotion centres.
China is currently driving the country’s digital economy. In early November, the General Office of the Ministry of Industry and Information Technology issued the “Guidelines for the Digital Transformation of SMEs.” The regulation aims to fully implement the Party Central Committee’s and State Council’s decision-making deployment to encourage SMEs to improve their overall strength and core competitiveness through digital transformation.
The General Secretary of the Communist Party of China, Xi Jinping, stated that “small and medium-sized enterprises can do great things.” He also emphasised the importance of grasping the direction of digitisation, networking, and intelligence. Moreover, promoting the digitisation of manufacturing, service industries, agriculture, and other industries is also necessary.
The guidelines aim to implement Party Central Committee and State Council decision-making and deployment, strengthen policy coordination, strengthen scientific guidance, deepen transformation awareness, and gather work synergy. The report also needed to promote high-quality economic development through the digital transformation of small and medium-sized businesses. The effort also had to be consistent with the overall economic and social digital transformation trend.
Furthermore, China will use the guidance to increase specialisation and new development of small and medium-sized businesses. The government intends to expand the use of digital technology in various sectors, including research, production, supply, marketing, and clothing. They plan to empower and refine products, increase value, plus accelerate technological innovation and new development in small and medium-sized businesses.
Another role of guidance is strengthening the digital transformation system and the comprehensive path of small and medium-sized businesses. Digital transformation is a multifaceted, cross-cutting project. The guidelines thus aid transformation from the demand side, the supply side, and local governments at all levels. All interested parties can use the guidelines to clarify their positioning and path and strengthen the collective force of transformation.
Stakeholders in the payments industry were challenged to step up their technological advancement. The appeal was issued as a government effort to ensure that the country stays current in advancing the money and payments landscape.
“My overarching message is that we all work and live in a period of substantive change. (The change) offers enormous opportunity if embraced, but potentially greater risk if not,” Karen Silk, Assistant Governor of the Reserve Bank of New Zealand – Te Ptea Matua, said at a conference in Auckland.
Silk emphasised the technological improvement needed because New Zealand does not yet have scalable electronic, instant, peer-to-peer payments and lacks real-time retail payment systems. She also encouraged speeding up the fintech developments in the country. She noted that the country could become more digitally competitive by nurturing home-grown fintech enterprises.
The government has recognised the importance of increasing domestic competition and efficiency savings in the payment space and the broader financial system. However, lingering reliance on legacy systems, failure to understand regulatory impetus and focus, and limitations in cohesion and provision of regulatory support for innovation are impeding real progress.
Nevertheless, Silk praised recent legislative changes. Financial regulators provide a one-stop shop for fintech firms and system-level work to improve cross-border payments. The positive movement makes domestic interbank payments available seven days a week.
Silk stated that challenges could arise from new players who “inadvertently” introduce design or technology risks. She called it a risk as the nature of the business avoiding New Zealand regulation or undermining the role of central bank money, whether cash or a possible Central Bank Digital Currency (CBDC). Even though the Reserve Bank is still researching the CBDC.
The Reserve Bank of New Zealand published a paper recently describing the current state of the country’s payments system. It will issue another next month, consulting on the potential need to regulate private crypto assets until March 2023.
The Reserve Bank remains committed to improving the cash system’s efficiency and resilience to ensure that it continued providing payment options for everyone and financial and social inclusion for those who rely on it, Silk said. Next year, the Bank has planned small live experiments to investigate various ways to expand merchants’ roles in the cash system.
This could include assisting merchants in recycling cash at the point of sale; compensating them for cash-out services; facilitating frequent, affordable cash delivery and collection for merchants; and consolidating the cash system through the creation of utility entities, Silk explained.
Payments represent the flow of money. Sooner or later, the global payment evolution will also impact New Zealand. Hence, the country demands better, smarter, and faster payment. As a result, the study of payments has come under scrutiny.
Only some understand the intricacies of New Zealand payments, and because they are complex and interconnected, creating a single view of the payments landscape takes time and effort. Furthermore, payment systems and services differ from country to country.
The Reserve Bank plays a multifaceted role in the payment landscape. The bank runs, participates in, regulates, and monitors core payment systems. It has also recently taken on the part of money steward in New Zealand. In addition, it is interested in supporting and ensuring that money and payment systems are efficient and reliable and supporting innovation and inclusion.
The National Development Council (NDC) Deputy Minister, Kao Shien-quey, discussed the idea of tightening cooperation with the Europe Union (EU) when attending the presentation meeting of the European Chamber of Commerce Taiwan (ECCT) 2023 Position Papers.
According to Kao, the government is actively promoting the “Six Core Strategic Industries” as part of the 5+2 Industrial Innovation Plan. It has designated several vital industries to take precedence in the programme, including semiconductors, finance, manufacturing, and service, among others.
The Executive Yuan has proposed an amendment to Article 10-2 of the Industrial Innovation Statute requiring the semiconductor industry to consolidate its competitive advantage. Moreover, the Taiwan government will use cutting-edge technology such as artificial intelligence (AI) and 5G to drive digital transformation in finance, traditional manufacturing, service, and other industries.
Each ministry actively promotes issues such as talent recruitment, bilingual policy, and other ECCT-related concerns. For example, the NDC has established the Employment “Gold Card Office” to increase the quality of professional talent recruitment. The certificate provides integrated services from work to life to international talent. Currently, nearly 6,200 Employment Gold Cards are valid.
Furthermore, Taiwan is focusing on intensifying its work on energy transformation. Kao stated that, in the face of the new post-pandemic global situation, the government is actively promoting the dual shifts of “net-zero” and “digital,” as well as building resilient global supply chains with the EU and other allies.
The government’s most crucial task in net zero is energy transformation. Accordingly, Taiwan officially announced “Taiwan’s Pathway to Net-Zero Emissions in 2050” in March this year. The initiative sets stage milestones and will present the concrete execution plan of the 12 Key Strategies, which cover issues of concern to ECCT. Some critical problems are wind power, photovoltaic power, and other renewable energy, as well as energy storage, power systems, and vehicle electrification, by the end of the year.
Kao stated that the government has allocated a net-zero related budget of NT$ 68.2 billion (US$ 2.2 billion) for next year and the 10-year “Construction Plan for Strengthening Grid Resilience.” She thanked European firms for their involvement in renewable energy in Taiwan. She urged them to continue participating in Taiwan’s energy-related construction to capitalise on Taiwan’s green transformation business opportunities.
Regarding supply chain resilience, Kao echoed the ECCT’s Position Papers, stating that many countries are restructuring supply chains. The restructuring happens in response to the current situation’s challenges, and Taiwan has advantages in semiconductors and International Trade Commission (ITC). Moreover, she shared the ideas of democracy and the rule of law with the EU, making Taiwan and the EU each other’s most trustworthy partners in supply chain restructuring.
Taiwan and Europe have enormous potential for future collaboration in new strategic industries. The best example is ASML’s announcement that it will make its most significant investment in Taiwan next year to collaborate on building a more secure and resilient global supply chain.
Kao also thanked the ECCT for its long-term efforts to promote bilateral relations. She said that Taiwan values the European Parliament’s support during this period of increased geopolitical risk. Kao thanked ECCT for its long-term involvement in Taiwan and expressed hope that ECCT can continue to support Taiwan and seize opportunities for transformation together in the new post-pandemic world.
Previously, President Tsai announced the plan to strengthen ties with Europe in her New Year’s Day speech this year. The administration has proposed a US$ 1.2 billion Eastern Europe Investment and Finance Fund. The budget indicates that Taiwan-Europe trade and economic relations are approaching a new high point.