January 31, 2023

Subscribe
Linkedin-in Twitter Facebook-f Youtube Instagram

8th Annual Singapore OpenGov Leadership Forum 2023, 10 - 11 MAY 2023 - CLICK HERE FOR DETAILS

We are creating some awesome events for you. Kindly bear with us.

EXCLUSIVE: The Finnish approach to cyber resilience

Share via

Worldwide, 2019 saw waves of cyberattacks that amounted to trillions of dollars in losses. Hackers are constantly devising way new ways to break through these constructed walls of security. Hence, it is crucial now more than ever to be vigilant and prepared for such attacks.

Both the public and private sectors strive to ensure that digital security efforts remain robust in an ever-changing landscape. As with other countries, Finland has set in place strategies to combat cyber resilience challenges and protect its businesses’ and citizens’ data.

OpenGov had the opportunity to speak with Antti Savolainen, Chief Information Security Officer (CISO) for the Ministry for Foreign Affairs of Finland, to gain insights into the measures taken by the Finnish Government to strengthen its cyber resilience.

Antti Savolainen, Chief Information Security Officer, Ministry for Foreign Affairs, Finland

Savolainen is responsible for the cybersecurity of Finnish foreign and diplomatic service. He plays an important role as a link between business leaders and IT, and his main focus areas are risk management, security awareness and incident management.

Savolainen has CISSP and RIMAP certifications. He is also a host of a track in Disobey-hacker conference.

Savolainen is interested in gamification and cybersecurity of smart cities and peace mediation.

Before joining the MFA in 2005, Savolainen was a security consultant at an IT service provider and an infantry officer in the Finnish Defence Forces.

He is a speaker at the upcoming Singapore OpenGov Leadership Forum 2020 (SG OGLF 2020) and will be sharing his experiences and knowledge in this field.

Finnish government’s approach to cybersecurity

Savolainen shared that the Government of Finland had adopted a resolution on the Nation’s Cyber Security Strategy during its plenary session on 3rd October 2019.

The Finnish Cyber Security Strategy 2019 is focused on key national objectives which are to develop the cyber environment and to safeguard key functions. The reform and implementation of this strategy are based on the political agenda of the present Government.

The current strategy relies on the general principles of the former cybersecurity strategy, laid out by the government in 2013. The present strategy and its implementation are also a part of the implementation of the European Union´s Cyber Security Strategy. Influential changes in the operating environment and the identified development needs for work at the national level have pushed the government to update the national strategy.

Risk management

Savolainen listed the following strategic guidelines of the Finnish Cyber Security Strategy 2019:

  • International cooperation
  • Improved coordination of cybersecurity management, planning and preparedness
  • Developing cybersecurity competence

The cybersecurity development programme is set to go beyond government terms, upgrading the allocation of resources and improvement of cooperation for cybersecurity. National cybersecurity policies will be strengthened and there will be a better understanding of cybersecurity projects, research and development programmes.

As part of the programme, there will be an establishment of a dedicated position of Cyber Security Director by the Ministry of Transport and Communications, for coordinating the national development of cybersecurity.

Technologies for enforcing cyber resilience

There is a wide range of technologies in place to enforce cyber resilience. Savolainen shared that the first step to doing so is cyber hygiene. This refers to all systems and networks being designed to resist different forms of cyber disruptions.

Security culture as the solid base for the security technology

“Naturally the technology is not the single silver bullet in solving the challenges. The resilience to cyberattacks comes with security culture, where awareness and education of it produces a positive end-user experience.”
Antti Savolainen

The ‘system resilience by security culture’ is only possible if the system design, development, testing and implementation are made with discipline manners, for example, the DevSecOps-concept.

But this could also be jeopardised with a false sense of security. The weak usage and monitoring of encryption material (certifications, encryption keys, encryption parameters etc.) is one such example.

A “lazy admin”, system administrators with a lack of self-discipline are the quickest option for attackers to access key assets of the system. Following this, the attacker “lives of the land” and uses the system administration tools, technics and credentials to gain the foothold and broaden the attack.

Savolainen shared on some measures taken for ensuring that cyber resilience is enforced:

HAVARO

The National Cyber Security Center (NCSC-FI) delivers and maintains a sensor network called HAVARO. It monitors the internet data flow of key organisations of national cyber assets. This includes governmental organisations and companies tied to the national supply (finance, energy, logistics, digitalisation).

The NCSC-FI monitors and notifies the owner of the network from which the alerts originate. This service is an addition to the organisations’ own responsibility for monitoring its networks.

Separated Systems

Isolating the classified information into separated networks and systems ensures that the attack surface is minimalised and beyond the reach from the internet. Savolainen emphasised that this should be made with a strong encryption of the networks (VPN), strong authentication, tempest shielding and constant monitoring and response.

Approaching a cyberattack

Forensics/technical approach

The first notice of the attack comes either from the target, internet operator, NCSA-FI or exchange of international cyber intelligence. It may come also from an independent source, such as the media, a hacker or a security researcher.

After the initial analysis of the attack, some of these measures will be adopted for countering the attack:

  1. Allow the attack to continue

Note: this is strongly advised only if the cyber/intelligence authorities need more information about the attacker for attribution etc.

  1. Limit or stop the attack net flow
  2. Isolation of the compromised part of the network

Further analysis of the attack will be done to recognise the following:

  • The attack method in different phases of attack
  • Vulnerabilities exploited in the attack
  • Origin or waypoints of the attack
  • Ultimate target of the attack, more complete list of the compromised assets
  • The attacker command & control methods in/out the target, the exfiltration method and address

Initiatives by government for educating people/businesses on cyber resilience

The NCSC-FI releases a monthly Cyber Weather report named Kybersää. This report covers the six information security phenomena as follows:

  1. Network performance
  2. Spying
  3. Malware and vulnerabilities
  4. Data breaches and leaks
  5. Scams and phishing
  6. IoT and automation.

There are three stages for monitoring cybersecurity phenomena. The Cyber Weather conditions may either be calm, worrying or serious.

Anticipating and approaching cyber-attacks

Cyber-attacks are cheaper and easier to launch. Attributing the attack to the source is quite hard, if not impossible. The lack of international regulation provides safe havens for cybercriminals and rogue nations to see this situation as useful for their cyber operations. “The attacks are here to stay,” said Savolainen.

Any regular organisation should agree that they are not capable to avoid the attack in advance, but they should develop the skills to recognise and limit the attack before the attacker gets to the crown jewels.

They should follow the three-step method of surveillance, research and exercise.

Countering a cyberattack

It is imperative for organisations to recognise the attack to stop it. They need to study and research the attacks and exchange information with allies to stay up to the game.

Surveillance and monitoring are important to recognise what should be studied. At the national level, this means getting onboard the internet operators, together with other significant ICT-service and capacity providers. Below the national level, every organisation should take care of their own network, systems and services. Co-operation between the cyber professionals in the same business area amplifies this, especially when business competitors form alliances against cybercriminals.

In Finland, every insurance company reports their cases into a shared information system to counter the insurance frauds. An insurance company can notice if someone claims compensation for the same incident from six different insurance companies.

This same idea about a coalition between competitors could apply in cybersecurity too. They could use proxies, where one does not want to share their findings by their own name. A local security company could do that too.

Ministry for Foreign Affairs of Finland shares a lot of cyber-related information via proxies like NCSC-FI and cybersecurity provider. Mostly the only need is to sanitise the origin of the information to hide our true surveillance capability.

Savolainen stressed that one cannot perform well in real situations without practising and exercising. Or you can avoid common mistakes and make shortcuts when you know the accurate process and contacts.

Exercising should be practised at the team, organisation and national levels. The exercises do not have to be massive and showy to get into the point. Like fire drills, you need to walk the exit route and make sure everyone’s out. You do not have to have smoke and explosions or stuntmen jumping out of windows.

Going through the checklists once a year is far better than once in five years organized spectacle; opting for both is ideal, of course.

What cybersecurity-related topics can be expected during the SG OGLF 2020?

“I’m sure that we cannot avoid talking about AI/ML,” said Savolainen. Topics on AI-powered-deep- fake-videos or netflow analysis will also be discussed.

Savolainen will also engage in discussing Cybersecurity as part of a foreign policy tool kit and on the international regulation of cyber weapons.

He looks forward to having an engaging session and delving into other topics, apart from these I hope there would be also something else than those hard-shelled things. “I would like to have a good conversation about smart city cyber issues from different angles,” he said.

Singapore Boosts Measures Against Scam SMS

Share via

All organisations that use alphanumeric Sender IDs to send SMS are now required to register with the Singapore SMS Sender ID Registry (SSIR) as part of the measures announced by the Infocomm Media Development Authority (IMDA) last October. This registration is intended to protect consumers from non-registered SMS that may be scams, a press statement has said.

Starting from 31 January, any non-registered SMS will be labelled as “Likely-SCAM”. This functions similarly to a spam filter or spam bin. Consumers might get non-registered SMS labelled as “Likely-SCAM” and are advised to exercise caution. If unsure, consumers are encouraged to check with family and friends. This will improve IMDA’s overall resilience against scams.

All organisations that use alphanumeric Sender IDs must register early with the SSIR. This is to give adequate time as non-registered SMS Sender IDs after 31 January will be labelled as “Likely-SCAM”. Organisations that have not registered their Sender IDs are advised to do so, the statement said.

As of January 2023, over 1,200 organisations have already registered with SSIR, using more than 2,600 SMS Sender IDs. These include financial institutions, e-commerce operators, logistics providers, and SMEs that send SMS to their customers who have registered with the SSIR.

In recent months, IMDA reached out to organisations through aggregators and associations such as the Singapore Business Federation, Singapore International Chamber of Commerce, and Association of Banks in Singapore, to encourage them to register with the SSIR. The mandatory SSIR regime is part of a broader effort to protect against scams, which also includes working with telecom operators to reduce the number of scam calls and SMS coming through the communication networks.

Since the implementation of the SSIR in March 2022, there has been a significant decrease in scams reported through SMS, with a 64% reduction from the last quarter of 2021 to the second quarter of 2022. Additionally, scam cases perpetrated via SMS dropped from 10% in 2021 to 8% in Q2 2022, down from 10% in 2021.

To effectively combat scams, a collective effort from society is needed. Despite implementing various measures, scammers may adapt their methods and tactics. IMDA will continue to collaborate with other stakeholders in the fight against scams, but individual vigilance and awareness are crucial. Consumers should remain vigilant and share scam prevention tips with friends and loved ones, the statement said.

IMDA leads Singapore’s digital transformation with infocomm media. To do this, IMDA is working to develop a dynamic digital economy and a cohesive digital society, driven by an exceptional infocomm media (ICM) ecosystem. It fosters talent, strengthens business capabilities, and enhances Singapore’s ICM infrastructure. IMDA also regulates the telecommunications and media sectors to safeguard consumer interests while fostering a pro-business environment and enhances Singapore’s data protection regime through the Personal Data Protection Commission.

Scams and unwanted commercial electronic messages and calls are an international problem with scammers continuing to prey on unsuspecting parties. Last year, IMDA and Australian Communications and Media Authority (ACMA) signed a Memorandum of Understanding to boost cooperation and fight scams and spam. The agreement covers cooperation in information sharing and assistance in investigations relating to scam and spam calls and short message services. The two sides also agreed to mutual exchanges of knowledge and expertise and collaboration on technical and commercially viable solutions in relation to scam and spam communications.

Thailand Proposes an Act to Deal with Online Crime

a
Share via

Thailand’s Minister of Digital Economy and Society (DES), Chaiwut Thanakmanusorn, disclosed that the Cabinet adopted the Royal Decree Measures for Prevention and Suppression of Technology Crime in principle. Accordingly, the act was assigned to the Office of the Council of State for consideration before further enforcement.

In essence, the proposed order prescribes steps to prevent and suppress deceit in people transferring money by telephone or other means. The law also grants authorities the authority to regulate financial transactions. It prohibits opening accounts on electronic cards or wallets to bring money or property to be used in criminal acts.

The proposed Decree requires financial institutions and business operators to disclose information about their client’s accounts and transactions via a data exchange system to suspend transactions when necessary.

“The drafting of this law is a collaboration of several agencies, including the Royal Thai Police, the NBTC Office, and the Bank of Thailand. Thai Bankers Association Anti-Money Laundering Office (AMLO), etc., believe that this regulation will undoubtedly assist in eliminating the problem of ghost sims, pony accounts, and online crime problems,” Chaiwut clarified.

Procedures for halting transactions can be done when a financial institution or business operator discovers a questionable issue or is told by a competent official. They must advise financial institutions or business owners to halt transactions. The transmitting financial institution or company operator must promptly halt future transactions. They can comply with the transaction if they inspect and find no suspicious cause.

If the victim reports a fraudulent transaction, financial institutions or business operators must immediately and temporarily cease transactions and tell financial institutions or business operators receiving transfers to do the same. For the victim to file a complaint with the investigators within 48 hours, the investigators must act on that account and electronic wallet within seven days of notification. Notification of information or evidence can be sent by phone or electronically.

Furthermore, Telecommunication Service Providers have the authority to communicate information and allow the Royal Thai Police, AMLO offices, and approved agencies to view the information exchanged. At the same time, the Office of the NBTC is in charge of developing the central database for user registration information, short messages, investigation, and prevention.

The use or disclosure of personal data to prevent, detect, and deter online crime will follow personal data protection legislation. It is required to properly tackle the social media problem of fraudulent people and eliminate some legal issues that cause the integration of work between multiple agencies to be stopped or delayed in the current situation.

The act governs the usage of an account and a SIM card. It will instruct consumers to create a personal account for an electronic card or wallet. The act of opening a without the purpose of using it will be considered an infringement. Anyone who knowingly or ought to knowingly allow another individual to use or borrow their SIM card is breaking the law since criminals could use it for fraud or illegal conduct. Breaches of this law may be imprisonment for up to three years or a fine of up to 300,000 baht (US$9163.10) or both.

It is illegal for anybody to obtain, market, or post news to purchase or sell accounts, electronic cards, electronic wallets, or phone sim cards that may result in criminal activity. Anyone who breaches this will face imprisonment for 2 to 5 years and a fine ranging from 200,000 baht (US$9163.1) to 500,000 baht (US$15271.84) or both.

When aberrant behaviour is discovered or a complaint is made to the bank and enables banks and relevant organisations to reveal and exchange information about online crimes through a standard database system. Thai authorities have the authority to suspend or postpone financial transactions for an extended length of time.

Special Wisit Wisitsorn-at, Professor, the Permanent Secretary of the Ministry of Digital Economy and Society, expressed the MDES need to present the draft to the Office of the Council of State for review and consideration before the announcement goes into effect.

The Philippines Strengthens Digital Cooperation with Singapore

Share via

DICT spokesman and Undersecretary Anna Maye Yu Lamentillo conducted the meeting with Singapore Ambassador to the Philippines Gerard Ho Wei Hong to examine future collaborative efforts and Memorandum of Understanding (MoU) implementation between the Philippines and Singapore to enhance digital partnership.

The MoU on Digital Cooperation was agreed upon by President Ferdinand R. Marcos Jr.’s state visit to Singapore last year. It was ratified by DICT Secretary Ivan John Uy and Josephine Teo, Singapore’s Minister for Communications, and Information.

“We reviewed with Ambassador Ho how to implement this MOU and which areas to focus on. Singapore has a wealth of experience in e-governance and cybersecurity, and they can share their best practices with us,” Lamentillo explained.

The MoU covers digital cooperation on digital connectivity, particularly in interoperable systems and methodologies that enable electronic records; cybersecurity, such as organising training courses and technical programmes through the ASEAN-Singapore Cybersecurity Centre of Excellence to improve and strengthen cybersecurity skills; and digital government/e-governance, including digital government strategy, digital government services, and digital government infrastructure.

It also involves exchanging knowledge, technical experience, best practices on scam calls and short messaging services, and personal data protection. It also aims to foster collaboration in emerging technologies such as artificial intelligence, 5G, cloud computing, the Internet of Things, big data, analytics, and robots.

“There will also be collaboration and knowledge exchange to boost the digital innovation ecosystem, such as connecting business owners with promising solution providers; exploring cooperation on digital capability and capacity building; and exchanging knowledge and best practices on digital infrastructure,” she added.

The Philippines has increased its digital partnership with some countries. For example, before cooperating with Singapore, the Philippines signed a memorandum of understanding (MoU) with China on electronic commerce (e-commerce).

The two countries agreed to increase trade of high-quality featured products and services; explore business interchange between MSMEs and e-commerce platforms, start-ups, and logistics service providers; and share best practices and innovative experiences in utilising e-commerce.

The agreement will facilitate the exchange of experiences, best practices, critical information, and trade and e-commerce policies. Both countries will prepare measurements to promote consumer and business protection, intellectual property, data security, and privacy rules. It also contributes to the ability of local businesses to compete in the modernising business sector. The Memorandum of Understanding is in keeping with the E-Commerce Philippine 2022 Roadmap agenda, which aims to promote cross-border partnership and market access through trade agreements and engagement programmes with key e-commerce trading partners.

While Singapore has undertaken a similar digitisation initiative with China. Singapore’s Minister of Communications and Information (MCI) and the Infocomm Media Development Authority (IMDA) announced the signing of eight (8) Memoranda of Understanding (MoU) and the unveiling of fourteen (14) new joint projects as part of the Singapore-China (Shenzhen) Smart City Initiative in November (SCI).

As they build economic recovery and resilience, Singapore and Shenzhen will actively establish a conducive business climate for firms to innovate and conduct cross-border transactions safely and smoothly. As the SCI began its third year of operation, the meeting noted that the number of new cooperative ventures doubled compared to the previous year.

Aside from that, on the 7th UK Singapore Financial Dialogue, dubbed Fintech Bridge, Singapore and the United Kingdom reaffirmed their commitment to expanding their financial ties. The FinTech Bridge will capitalise on fintech players’ active interest in payments, regulatory technologies, and wealth management. It will also provide structured participation that will aid in developing policy measures, improve evaluations of future challenges such as the development of distributed ledger technologies and data exchange, and facilitate trade and investment flow between different markets.

Additionally, both governments discussed recent innovations in the fintech sector, such as advances in crypto-assets, and agreed on significant areas for future collaboration. They examined their progress in tightening consumer protection legislation and implementing stable coin regulations. Both parties agreed that there is an urgent need to assist in the safe development of a digital assets ecosystem while ensuring that digital asset risks are constantly handled.

Indonesia Addressing Online Drug Trade

Share via

The National Cyber and Crypto Agency (BSSN) worked with the National Narcotics Agency (BNN) to oversee illegal drug sales and investigate illegal drug dealing on the dark web. To support the endeavour, both agencies elaborate on the e-Mindik application 2.0.

Golose hopes that in the future, all investigative administration exercises, from revealing narcotics cases, and money laundering, to uncovering cases in 2022, will be able to use the BNN’s e-Mindik application, allowing for the realisation of an Information Technology-based Integrated Criminal Justice System that is incorporated with ministries or other organisations.

“BNN has completed the construction and development of the BNN e-Mindik application version 2.0, which is one of the supporting components of the electronic-based government system (SPBE) authorised in the national strategy programme for eradicating corruption to promote the incorporation of the criminal justice system, which is applied through the expansion of a Judicial System database. Integrated Crime Based on Information Technology (SPPT-TI), “Pol. Petrus Reinhard Golose, Head of BNN Komjen, said in Jakarta.

The collaboration is an attempt to carry out the duties and functions of imposing the country’s defence and security sector in digital space, one of which is by using electronic certificates to speed up distribution while preserving the security of information related to cross-institutional narcotics cases.

Meanwhile, BNN and the BSSN signed a Memorandum of Understanding (MoU) on using electronic certificates to strengthen cyber security resilience. Hinsa Siburian, the head of BSSN, imparted information about the amount of danger of security threats that have risen in tandem with the level of use of information and communication technology.

“It needs an adaptable and sophisticated cyber security effort to defend all layers of the cyber world, including the information assets stored therein, from cyber threats and attacks of both technical and behavioural character,” Hinsa explained.

Hinsa also emphasises information about the amount of risk of security hazards that has developed in tandem with the level of use of information and communication technology. As a result, authorities must engage in an adaptive and inventive cyber security effort to defend all layers of cyberspace, including the information assets housed within, from cyber threats and attacks of both technical and social character.

Hinsa stated that social cyber-attacks use manufactured information to target ideas, choices, opinions, emotions, behaviour, opinions, and motivations to modify the way of thinking, belief systems, and human behaviour. The BSSN Cyber Threat Intelligence Team conducts cybersecurity patrols/monitoring on the dark web for unlawful operations, such as data theft, drug purchasing and selling, and sexual offences.

Aside from that, the National Cyber and Crypto Agency (BSSN) undertook competency testing activities to improve the agency’s ability to deal with cyber security threats. The BSSN Human Resources Development Centre (Pusbang SDM) in Depok, West Java, offers three certification programmes (Security Operation Centre, Information Security Auditor Assistant, and Junior Penetration Test).

According to Muhammad Iqro, Director of BSSN Cybersecurity and Password Human Resource Policy, human resource professional certification is highly essential since it is a form of acknowledgement of competence in cybersecurity within the national scope. The competencies become a critical component in understanding parts of information and communication technology, which is essential to anticipating the dynamics of the global and regional strategic environments, which evolve at a rapid and competitive pace.

Ikro noted that one of BSSN’s measures towards satisfying cyber and cypher security human resources effectively and efficiently was to construct a certification infrastructure in the cyber and cypher security sector by establishing the BSSN Professional Certification Agency (LSP).

Ikro believes that the BSSN HR who participate in the qualification test activities may mould and create LSP BSSN graduates with the work capabilities required in cybersecurity and receive national and international recognition for their competencies.

Thailand Intensifies Efforts to Combat Online Crime

Share via

Chaiwut Thanakmanusorn, Minister of Digital Economy and Society (DES), evaluated the effectiveness of the country’s efforts to prevent online crime. He directed Wetan Phuangsub, Deputy Permanent Secretary of the Ministry of Digital Economy and Society, to continue cracking down on illicit cross-border internet use, ghost SIM fixation, and the suppression of fraudulent accounts.

“The problem of cybercrime impacts many persons’ lives and possessions. The NBTC office dealt with many SIM owners who had not yet registered officially, thanks to the collaboration of the AMLO Office and the Banking Association in resolving the false account situation. Including the illicit use of the Internet throughout the nation and the Royal Thai Police, which hastens the prosecution of offenders,” Chaiwut praised.

Meanwhile, Thepsu Bowonchotdara, Deputy Secretary-General of the AMLO Office; Pol. Maj. Gen. Niwet Apawasin, Technology Crime Investigation Bureau; and Suthisak Tantayothin, Deputy Secretary-General of the NBTC Office, provided reports on progress in combating online crime.

To address ghost SIM issues, the NBTC has mandated that about 8,000 users with more than 100 SIM cards prove their identification by January 23. In addition, in the case of illicit cross-border internet trafficking, the NBTC has directed telecommunications service providers to investigate the use of cross-border internet services. The agency has also collaborated with necessary legal officials to check and locate the crime site and the perpetrator.

Meanwhile, the AMLO Office has issued a notification to resolve bogus accounts and suspected accounts used for unlawful activity. When a criterion for determining or revising the list of high-risk individuals arises, the notice alerts. The suspicious performance will be continuously monitored following that, in compliance with the Ministerial Regulation on Customer Fact-Awareness. Furthermore, the AMLO has notified financial institutions of around 1,000 identities of offenders. The financial institution will continue to take appropriate steps.

Aside from that, Thailand is increasing efforts to raise citizen awareness of cybercrime. The Electronic Transactions Development Agency (ETDA) and the Ministry of Digital Economy and Society have launched a programme to help people strengthen their online literacy abilities.

Chaiwut agrees that as Thailand enters the digital era, cyber dangers have intensified, with technology and online transactions driving practically all activity. With 59,794 online complaints, ETDA recorded an increase in online scams 348 times in 2022 (January – November 2022). In comparison, only 54 interactions were made in 2021.

The information was gathered via the online complaint-handling service of the 1212ETDA Online Help and Problem Management Centre. The contact centre observed that the most common internet scam is still online trading problems, followed by unlawful websites, call centre gangs, SMS fraud, etc.

Furthermore, the government has established an application to help safeguard individuals against internet scammers, fake news, and financial fraud, which are significant concerns in Thailand. The Ministry of Digital worked with the state-owned Krung Thai Bank to establish “Pao Tang,” an online scam and disinformation warning system.

The app will not only provide financial services, but it will also serve as another avenue for disseminating information, as confirmed by government organisations. The apps will issue warnings about internet fraud and fake news associated with financial fraud or financial crime. As a result, consumers can keep up with the current situation and manage the new complexity that has caused significant damage.

The technology will connect data from the Anti-Fake News Centre (AFNC) databases at the Ministry of Digital Affairs to service providers. Furthermore, the wallet software sends warnings regarding financial fraud and erroneous information in various formats.

Handling Future Digital Technology Impact with Michael Baron, CEO & Director of Baron Consulting Group

Share via

Adapting, adopting and shifting methods, models and processes are unavoidable as technology develops and advances. Manufacturing robots, artificial intelligence and machine learning are just a few examples of rapidly evolving new technologies.

These technologies have the potential to save costs while enhancing output and quality. They have a vast scope and the potential to revolutionise existing enterprises and personal lives. They can make people’s lives easier while also requiring less human engagement.

Companies have realised that such cutting-edge solutions can take over specific roles and increase operational accuracy, production and efficiency. Automation and digital improvements have improved analytical, technical, and management capacities. Even today, many large technology organisations have reached a broad economic scale without a large staff base.

As a result, the workforce and skillset needs will change. Organisations require fewer people in roles managed by tech creating a greater need for employees with specific abilities.

The impact and opportunities

In an exclusive interview with Mohit Sagar, CEO and Editor-in-Chief OpenGov Asia, Michael Baron, CEO & Director ​of Baron Consulting Group, Singapore, believes technology changes will be positive for most people. But technological advancement may disappoint others because they may be concerned that technologies may replace their jobs.

“There will be proactive people and that people who are reactive. It is important to understand that further development is essential for people, companies and governments, to keep the nations and businesses competitive. So, I think the future will positively impact those who want to embrace the technologies. We need to focus on development rather than on keeping everyone happy,” explains Michael.

People can embrace the new technology with better utilisation. As an example, he shared how people will have gotten used to a pass-card ticketing system. Some time ago, the technology was introduced in several countries in Southeast Asia and Australia. People had to learn to adapt to the new ticketing system if they wanted to use the public transport system. While initially challenging for many, people have gotten used to it and, indeed, prefer it.

Baron urges people to view new technology as a unique opportunity. Change happens all the time in almost all spheres – sometimes rapidly and other times gradually. Businesses need to adjust their service offerings based on technological developments. It may require performing specific technology-related tasks for the companies which are no longer relevant.

“I recall a very old Chinese saying that every crisis is an opportunity. You can say that I lost my job and I lost my business proposition many times and I don’t see it as drama. I see it as an opportunity. See it as an interesting experience, a natural transformation,” Baron offers.

From a personal perspective, the analytics engine, for instance, has helped him to become a better chess player. The tools can help him to perform better in online chess games by analysing his game, understanding his mistakes and what opportunities he misses and suggesting what he should learn and how he can do better next time.

The same idea goes for organisations or governments. The private and public sectors can do better through digital transformation and utilise technological advancement to maintain their position in the marketplace. It’s not a matter of enjoying it or not embracing the norm, it’s a matter of survival. It’s a matter of remaining relevant, of addressing the challenges by delivering better.

According to Baron, what is happening now is that traditional players are losing market share very fast and possibly don’t even understand the market anymore. So, it is vital to reshape themselves, adopt new goals and embrace new technology.

As a big fan of predictive analytics, he believes that analytics can break into the past to build a better future. Citing a Greek philosopher that said history repeats itself implies this results in variations in a range of operations. So predictive analytics will play a role in calculating the future based on what happened in the past and emulate it for future problems.

In terms of challenges, Baron believes that security, privacy and controls will still be a big problem in the future. Ethical factors are also emerging around the globe today. Organisations with international presence have to comply with all the multiple countries’ respective laws and regulations regarding data ownership and management.

Sooner or later, organisations need to ensure compliance. Even though technology tends to develop faster than legal frameworks, ultimately all countries create regulatory frameworks.

Cultural spirit and political drive

Baron is convinced that both the private and public sectors can drive the technology improvements. Whether it is public or private-driven innovation, it is essential to keep forward-facing if an organisation or a nation intends to survive.

He acknowledges several governments’ efforts to stay ahead of the digital transformation journey, such as Japan, China and Singapore. These countries demonstrate how they can be leaders through cultural spirit and technology utilisation rather than only depending on their natural resources.

After World War Two, Japan’s economy was in a very difficult situation, dealing with the devastation and a lack of natural resources. They faced these challenges head-on by utilising technology and aggressively pursuing digital solutions. Eventually, they not only became a leading economy but were a global benchmark for development.

China, too, has a robust digital and technology vision for the country and has seen remarkable success. From a largely agrarian/rural society, it is now the second-largest economy worldwide. It is a great example of how political will plays a significant role in driving technology-enabled progress.

As for Singapore, the country has become a leading exponent of technology and digital innovation. Compensating for a lack of resources with heavy investment in technological development, innovation and education. They have harnessed their multicultural heritage and been wise in how they use their existing resources. Infrastructure, policies and pathways have made the nation a preferred destination for investment and international tech workers.

LKYGBPC entrepreneurial pathway

Technology development has a massive impact on future employment, hence the entrepreneurial path is one of the solutions to answering the challenge. As a member of the International Judging Panel (IJP) for the Lee Kuan Yew Global Business Plan Competition (LKYGBPC), Baron encourages people not just to embrace the ideas of others but to work with their ideas. He believes that everybody has something to bring to the table.

Teaching about technologies and related subjects, helping people acquire the necessary skills and traits, and providing the right environment is essential to foster entrepreneurship. But a little more is needed to create a culture of entrepreneurship.

He considers the international competition a fantastic way to bring a lot of global talent together to actualize their dream, to be inspired, express their concerns,and to find solutions. The competition creates the right environment to put ideas together and tailor them to suit specific marketplaces.

The competition is a chance for people with ideas to organise themselves, present their ideas to the big wide world and have a shot at being successful. To Baron, there should be more calls for international competitions they allow ideas to travel beyond the borders to create a better future for the world.

The Philippines National Police Promotes SIM Registration

Share via

The Philippine National Police (PNP) is one of the major agencies tasked combat cybercrime. The agency has been monitoring crimes involving technology and has noted a significant increase over the years. PNP Chief Gen. Rodolfo Azurin Jr. believes the robust implementation of the SIM Registration Act implementation would be an effective method of dealing with cybercrime and cyber criminals.

“Through this timely and relevant legislation, we are closing all windows of opportunity for criminal elements to take advantage by requesting that all mobile phone users immediately comply with the law,” Chief Gen. Azurin Jr said. “Rest assured, under my leadership, the PNP will do everything in our power and mandate to make this happen.”

Chief Gen. Azurin Jr. has directed PNP employees to comply with the Subscriber Identity Module (SIM) Registration Act as soon as possible. All 227,000 PNP officers and rank-and-file personnel are encouraged to ask their families and household members to register following Republic Act No. 11934. He also directed the PNP DICTM (Directorate for Information and Communications Technology Management) to keep track of PNP personnel’s compliance.

With many Filipinos being victimised by text scams and data breaches daily, Interior Secretary Benjamin Abalos Jr. believes that the law would allow the Philippine National Police and other law enforcement agencies to respond quickly to complaints and cases involving mobile scams. The Act makes it easier for the PNP to track down offenders and resolve misconduct involving telecommunication devices.

The Republic Act 11934, also known as the Subscriber Identity Module (SIM) Card Registration Act is predicted to significantly reduce electronic communication-aided criminal acts that are commonly committed in anonymity. The Philippine National Police and other law enforcement agencies would be able to readily trace criminals and address misconduct involving telecommunication devices under this new law, allowing them to respond rapidly to complaints and cases involving mobile scams.

The National Telecommunications Commission (NTC) reported that over 3 million SIM cards were successfully registered across all three telecommunications companies in the first two days of SIM registration implementation. For the first seven days after the rollout begins, telcos must submit a daily report to the NTC.

Subscriptions will then have 180 days to register their SIM cards before mid-2023 or from the date of purchase. The government urged users to subscribe immediately before the timeline ended. NTC Deputy Commissioner Jon Paulo Salvahan believes the Philippines will achieve 160-180 million SIM registrations within the time frame.

Furthermore, the Department of Information and Communications Technology (DICT) reported on Thursday that it had received nearly 500 SIM card registration complaints. According to DICT, the first 15 days of SIM registration are considered a test period. Some glitches or technical issues are expected during the period as public telecommunications entities (PTEs) fine-tune their respective processes. During this 15-day test period, PTEs can assess what they need to improve to make the registration process more efficient and user-friendly.

To deal with the growth of cyber threats, the Department of Information and Communications Technology (DICT) will launch short-term courses and long-term cybersecurity programmes to strengthen the country’s cybersecurity workforce. The efforts in response to the increased demand for cybersecurity experts and the USAID study show a need for cybersecurity skills felt by both the private and public sectors.

The final report, “National Cybersecurity Talent Workforce Assessment Report of the Philippines,” was completed in October and formally presented in December. The report investigates the current cybersecurity challenges, gaps, and positions. The report emphasises the country’s current need for credentialed or certified cybersecurity workforce.

Only 200 certified cybersecurity experts or those with Certified Information Systems Security Professional (CISSP) certifications are currently available in the Philippines. Furthermore, only about 30% of these accredited experts work in the country, with the remainder working abroad.

Recommended Stories

Linkedin-in Twitter Facebook-f Youtube Instagram

© 2022 OpenGov Asia – CIO Network Pte Ltd.

Send this to a friend