September 29, 2020

An intelligence-driven SOC is necessary for public sector organisations to function effectively and efficiently

After an immensely informative and interactive session with delegates from the telecom industry across ASEAN, OpenGov Asia ventured to discuss the importance of an intel-driven security operations centre with executives from Indonesian public sector agencies.

The session on 27 August witnessed a 100% attendance and a high level of interaction with the audience from Indonesia.

Mohit: In these times collaborate with experts in the field of cybersecurity rather than doing everything in-house

The stage was set by Mohit Sagar, Group Managing Director and Editor-in-Chief at OpenGov Asia for the discussions at hand.

Mohit began by highlighting the unpreparedness of individuals and organisations when they were hit by the pandemic.

The magnitude of the hit was beyond anything people could have imagined and has made everyone push the boundaries in everything that needed to be done.

Bad actors in the cybersecurity space are becoming more and more sophisticated, making it essential for organisations to ensure their cybersecurity systems are robust and up to date with the latest technology.

Mohit advised delegates to not just respond to and recover from the pandemic but also plan to thrive during these testing times. The key to that is empowering and educating our employees and to find the right partners.

He also cautioned the delegates to not try and do everything in-house as it will cost more money and time. Since both are of the essence in the current scenario, a wise decision would be to collaborate with experts in the field.

Mohit encouraged the delegates to create alliances with those who are already thinking ahead of time in the cybersecurity industry and can help organisations thrive in these times with suitable solutions.

Genie: Follow the four-pronged approach to addressing cyber threats

After Mohit, Genie Gan, Head of Public Affairs and Government Relations APAC, Kaspersky, came forward to share her insights. She began by stressing the crucial role that governments play in times of crisis.

Furthering the points highlighted by Mohit, Genie shared her observations of how the bad actors are capitalising on the chaos.

She shared interesting facts about the security threat landscape in Indonesia over the past year. Her data showed that there were more than 220 million cyber-attack attempts in Indonesia, according to the National Cyber and Encryption Agency.

Keeping in mind the state of affairs in the Indonesian cybersecurity landscape, Genie emphasised that digital defence is as critical as digital innovation for any government that is aiming to digitally transform the nation.

She concluded by sharing a four-pronged approach to addressing cyber threats and validated each point with an example or success story from the APAC region:

  • Threat Information Sharing
  • Engaging the community through public-private partnerships
  • Investing in education and creating awareness
  • Promoting transparency

Aswami: Focus on Cyber I³ - Intelligence, Incidence Response and Investigation

After Genie, Dr Aswami Ariffin, SVP & Cyber Forensics Scientist, Cyber Security Response Services at Cyber Security Malaysia shared his learnings on the topic. He explained that with the new tech and applications being introduced, they have observed a heightened cyber risk through their threat intelligence. He also shared some current data that showed an overall rise in malware infections and that the botnet drone-count has gone up throughout 2019.

Aswami further shared that, as a national organisation, they engage with both the public and the private sector to help establish a robust cyber defence system.

The robust cyber defence system is backed up by a well-structured six-step process that involves detection, preservation, eradication, forensics analysis, presentation and finally the takedown.

He really highlighted the importance of collecting intelligence by analysing the three important factors in running a business: people, process and technology.

Aswami urged the audience organisations to not just take in intelligence from outside parties but also set up their own internal sensors and monitoring mechanisms. He gave the mantra of Cybersecurity I³ to the delegates, where the three I’s stand for intelligence, incidence response, and investigation. An intel-driven modern SOC must stand on these three pillars.

He concluded his presentation by emphasising the need for coordinated effort and strong information-sharing networks amongst organisations.

After the informative presentation, the session got more interactive by way of polling questions for the audience.

On the first question about their organisation’s biggest cybersecurity concern, the audience was almost equally divided among all four options given to them (25% for each).

One of our delegates from a public sector agency reflected that they have carefully monitored the nature of cyber-attacks over the last two years. They found out that most of them come from targeted attacks by hackers outside the organisation, making them a bigger threat.

On the next question regarding primary IT security spending the delegates again seemed equally divided among all four available options.

Another senior IT executive from the audience shared that they voted for endpoint security as, in their experience, it is the most reliable and feasible strategy, especially in their organisation, where everyone uses their own device and is responsible for it.

On the final question about proactively planning to prevent cybersecurity attacks in future, a major chunk of delegates voted for deploying threat intelligence (36%).

Leonard: Threat intelligence sits at the centre of a Security Operations Centre

When asked the reason for choosing this specific option, one of the delegates shared that investing in threat intelligence is the best way to prevent cybersecurity attacks as it gives you updates about the latest cyber threats around us. It is important to allocate a fair amount of budget to this to stay safe ourselves and also advise our colleagues.

After the engaging polling session, Leonard Sim, Head of Presales, APAC, Kaspersky addressed the delegates with closing remarks.

Leonard shared with the audience the detailed process of how a SOC operates and that threat intelligence sits at the centre of the process. He also explained to the delegates how Kaspersky can help and support them in that process.

He then thanked all the delegates for sharing their perspectives and engaging in discussion with each other. He also urged them to reach out to Kaspersky if they need any kind of support or assistance on their journey towards a robust security operations centre.