Close to four months ago, everyone’s lives came to a standstill as the pandemic raced across the globe.
But one sector that had to do the heavy lifting during this crisis was the medical industry.
Unlike other industries that were not working or had slowed down during the pandemic, medical professionals, staff and related industries were working harder than ever to ensure the safety of mankind.
However, one big threat that they were also exposed to was the threat of a cyberattack. As the amount of stored data in the medical organisations rose exponentially, they became the prime targets of bad actors in the cyberspace.
With such high traffic and patient intakes, the hospitals lacked the effective processes and controls in place to detect, respond to, mitigate and recover from breaches and other security events.
This is where the Security Operations Centre (SOC) for cybersecurity engagements comes in.
Understanding the relevance of this topic in the current time, OpenGov Asia organised its latest Virtual Breakfast insight on 7 July 2020 to discuss how medical institutions can cope with the cyberthreats.
The event saw a full house with senior profiles from the IT departments of prominent hospitals and healthcare institutions in Singapore, Malaysia, Thailand and Philippines in attendance.
Mohit Sagar, Group Managing director and Editor-in-Chief at OpenGov Asia set the ball rolling by giving a background of why there is an urgent need to secure the sector from the bad cyber actors.
He illustrated this point with a video at the beginning of the session.
Mohit emphasized that the job of security officers in organisation has become even tougher in these uncertain times.
Both the organisational and the personal data is exposed to a real threat of being misused in today’s environment and the only way to stay safe is to collaborate efforts in the cybersecurity space.
He advised the delegates to have the right people around who can work together in collaboration.
After the opening session, Siang Tiong Yeo, General Manager, SEA for Kaspersky shared their learning on keeping data secure in the healthcare environment.
Siang Tiong began by saying that in today’s era information is power. And a lot of us might not realise it but health care is the greatest data trove today.
The healthcare industry is completely focused on saving lives and that keeping their data secure is slightly lower in their priority.
Cybercriminals have taken full advantage of this. The recent trends of cyberattacks in the healthcare domain provide good evidence for this.
Siang Tiong shared that in the past few months the frequency of data breaches, Cyberespionage, identity theft, etc. have shot up.
He also observed that the recent cyber-attacks have evolved overtime and become more sophisticated.
Additionally, as hospitals and healthcare institutions are becoming increasingly interconnected, the surface area for attacks is also expanding exponentially.
Siang Tiong concluded by advising the delegates to be prepared in advance for the next cyber-attack. He explained that to be prepared means having the right people, processes and technology to safeguard the organisation from the bad actors.
Siang Tiong’s presentation was followed by a presentation by Gagandeep Singh, Group Chief information Security officer at IHH Healthcare Berhad.
Gagandeep began by talking about his own viewpoint of a SOC and the various objectives it should serve. He emphasised 4 key aspects:
- Traditional ways of keeping logs and rules is now outdated
- Monitoring network traffic and analysing is imperative
- Skilled resources are the most important asset
- Following compliance is vital
He then summarised by saying that there is a need for SOC to mature and constantly update itself with current developments.
As the new channels of attack (Phishing and DNS etc) evolve, the SOC needs to be updated accordingly.
After Gagandeep’s insightful sharing the session moved into an interactive polling session.
On the question of primary cybersecurity concerns, there was a split audience between ransomware attacks (29%) and insider threats (29%).
One delegates, a senior executive from a Thailand, shared that he voted for ransomware as the primary cybersecurity concern as it helps hackers earn quick money. Thus, they are more actively planning these kinds of attacks.
On the next question on how you stay ahead of security updates, the majority were inclined towards threat intelligence report subscriptions (52%).
The Director for Global Research & Analysis Team – APAC, Kaspersky shared his thoughts from a security research perspective. He believes that of all the other options, intelligence reports are the only one that will help organisations stay ahead as it is knowledge shared though private channels.
The drawback with other (open) resources is that even the bad actors have access to it and they are constantly improving from that knowledge.
On the final question of proactively preventing cybersecurity attack, the participants we divided between threat intelligence (35%) and security assessment services (35%).
A senior delegate from Singapore shared that he voted for threat intelligence as it helps an organisation stay a step ahead of the bad attackers and be prepared.
The session concluded with closing remarks from Siang Tiong where he shared some of the tools from Kaspersky that help organisations protect themselves from cyber-attacks. He advised the delegates to stay ahead by meticulous monitoring and accurate detection.
A spin-off company from NUS, Breathonix Pte Ltd, has developed an easy-to-use breath test to detect COVID-19 within a minute.
This innovative technology, which is believed to be the first in Asia, has achieved more than 90 per cent accuracy in a Singapore-based pilot clinical trial that involved 180 patients.
Breathonix was founded by NUS graduates, Dr Jia Zhunan and Mr Du Fang, and is supported by the NUS Graduate Research Innovation Programme, a programme that encourages the University’s graduate students and research staff to establish and run high potential start-ups based on deep technologies.
“Our breath test is easy to administer, and it does not require specially-trained staff or laboratory processing. Results are generated in real-time, making it an attractive solution for mass screening, especially in areas with high human traffic. We believe our breath analysis platform shows promise in changing the tides of this pandemic,” said Dr Jia, Chief Executive Officer of Breathonix.
Quick real time diagnosis
The revolutionary breath analysis technology developed by Breathonix offers a fast and convenient solution to identify COVID-19 infection. It works by detecting Volatile Organic Compounds (VOCs) present in a person’s exhaled breath.
Dr Jia explained, “VOCs are consistently produced by various biochemical reactions in human cells. Different diseases cause specific changes to the compounds, resulting in detectable changes in a person’s breath profile. As such, VOCs can be measured as markers for diseases like COVID-19.”
The test is simple to administer. A person only needs to blow into a disposable mouthpiece connected to a high-precision breath sampler. The exhaled breath is collected and fed into a cutting-edge mass spectrometer for measurement. A machine learning software analyses the VOC profile and generates the result in less than a minute.
“The disposable mouthpiece that our system uses has a one-way valve and a saliva trap, preventing inhalation and any saliva from entering the machine. This makes cross-contamination unlikely,” said Mr Du, Chief Operating Officer of Breathonix.
Pilot clinical trial conducted in Singapore
The team at Breathonix collaborated with the National Centre for Infectious Diseases (NCID), to test their breath analysis system for COVID-19 detection.
In a pilot clinical trial involving 180 patients, Breathonix’s breath test, which uses in-built machine learning algorithms, achieved more than 90 per cent accuracy, with sensitivity-correctly identify those with the disease of 93 per cent, and specificity – correctly identify those without the disease of 95 per cent.
The clinical trial is ongoing, and more tests are required to further improve the accuracy of the technology.
If assessed to be suitable, this breath analysis platform could potentially be deployed in airports to facilitate the recovery of the tourism sector, as well as in places with high human traffic, such as dormitories.
The NUS GRIP team led by Professor Freddy Boey, Deputy President (Innovation & Enterprise), is providing advice to Breathonix to obtain regulatory approvals for their technology and to deploy their system for mass screening.
Prof Boey said, “The novel technology to analyse VOCs accurately and quickly was first developed by Dr Jia Zhunan when she was a PhD student, for early detection of lung cancer. The technology was birthed through NUS GRIP, into the start-up Breathonix, and it is now contributing to Singapore’s fight against COVID-19. This demonstrates the huge potential of Singapore’s home-grown technologies and deep-tech start-ups. NUS is proud of the progress Breathonix has made since its inception, and we look forward to seeing their technology being deployed in Singapore in the near future to protect the health and well-being of the community.”
Photo – Breathonix is founded by Dr Jia Zhunan (left) and Mr Du Fang (middle). With them is NUS Deputy President (Innovation & Enterprise) Professor Freddy Boey (right).
Suffering from dry, itching hands due to daily multiple washes times with chemical disinfectants and soap as protection against contact infection of COVID 19 may well be over. New-age sustainable disinfectants and sanitisers may soon bring relief from chemical ones with their side effects. A number of Indian start-ups are now armed with a range of sustainable alternatives to conventional chemical-based decontaminants that can disinfect surfaces and even microcavities.
The structures and processes which made these extraordinary achievements possible are being incorporated in the upcoming Science, Technology and Innovation Policy 2020, confirmed Prof. Ashutosh Sharma, DST Secretary. They include technologies for disinfection of the biomedical waste generated at hospitals and the use of novel nanomaterials and chemical process innovations for long-lasting and safe sterilisation of the recurrent use surfaces.
Safe disinfection and sanitisation technologies have come from 10 companies supported by the Centre for Augmenting WAR with COVID-19 Health Crisis (CAWACH), an initiative by the National Science & Technology Entrepreneurship Development Board (NSTEDB), Department of Science and Technology (DST) implemented by Society for Innovation and Entrepreneurship (SINE), IIT Bombay.
A Mumbai based start-up, with expertise in treating complex polluted water and wastewater, modified their technology to design and develop a system, VAJRA, for space and equipment disinfection to fight COVID 19 contamination. The VAJRA KE Series incorporates a disinfection system consisting of a multistage disinfection process by incorporating electrostatic discharge that generates ozone and the powerful sterilising effects of UVC light spectrum. Advanced oxidation, electrostatic discharge and UVC light spectrum are deployed to inactivate the viruses, bacteria, and other microbial strains present on the PPE. This saves costs by making the PPE, medical and nonmedical gear reusable.
Coimbatore based purification company offers advanced sterilisation solutions. It is using environmentally-sound micro-cavity plasma technology. This novel technology, where the disinfectant is produced directly from air or oxygen, offers a sustainable alternative to conventional chemical-based decontamination. The Complete Sterilisation by Microplasma Oxidation (COSMO) system can rapidly disinfect Covid-19 infected areas, including quarantine facilities, ambulatory care, and equipment surfaces. This innovative micro-plasma sterilisation system offers compact and scalable modular units which are robust, flexible, and energy-efficient.
The disinfectant is produced on-site, thereby eliminating the transport, storage, and handling of hazardous chemicals. These decontamination systems are 10 times less than the conventional system of equivalent capacity, making it suitable for resource constraint environments. Their advanced sterilisation systems surpass hypochlorite and other traditional disinfectants in its ability to neutralise multi-drug resistant pathogens. The company has already provided customised solutions to hospitals and healthcare settings to sterilise selective critical care areas. They have also taken this innovation to vulnerable communities. Presently their advanced integrated micro-plasma oxidation system for rapid sterilisation has been fully developed and tested rigorously for commercial use.
A mechanical hand sanitising dispenser machine which quantifies the steps of hand sanitisation through touchless, real-time monitoring via dashboard is offered by a Chennai based startup. A bio-solution company from Pune has developed silver nanoparticles based on non-alcoholic liquid sanitiser. Their technology pending for patent also inhibits the RNA replication activity – preventing the spread of the virus and blocks surface glycoproteins – making the virus ineffective.
An instant microwave-based handheld steriliser ATULYA and a microwave-assisted cold sterilisation device OPTIMASER for hazardous biomedical waste disinfection and making linen and PPE reusable is the offering from Lucknow based Maser Technology.
OPTIMASER is microwave-assisted cold sterilisation superior technological advancement over the conventional Autoclave. It allows for disinfection and sterilisation of the PPE Kits and the masks to ensure the 100 reusabilities, ensuring the cost-effectiveness. ATULYA is an Instant Microwave based handheld steriliser which offers the cutting edge over the UV tube-based steriliser, sanitising sprays and all the possible methods of sterilisation & protection.
Incubators like SINE IIT Bombay FIIT, IIT Delhi, SIIC, IIT Kanpur, HTIC, IIT Madras, Venture Centre, Pune, IKP Knowledge Park, Hyderabad, KIIT-TBI, Bhubaneswar provided timely advice on technical progress, guided the startups to follow all necessary guidelines, signing of MoUs, etc.
The COVID-19 Pandemic has dominated 2020 and seems to be poised to take over at least the first half of 2021.
But what have we learnt from the unprecedented health crisis of the past year? Have we gleaned enough to be well prepared for the next pandemic or natural disaster? Have governments and organisations gained adequate insights to be resilient and continue operations during future critical events?
These are some crucial questions that must be answered to know how well prepared you are for the next major critical event. OpenGov Asia delved into these important issues at its recent OpenGovLive! Virtual Insight with delegates from Singapore, Australia, India and Hong Kong.
Keeping with the OpenGov Asia track record, there was 100% attendance from delegates who were fully immersed in the interactive OpenGov Asia experience.
A collective and coordinated effort of different parts of an organisation is key to strengthen resilience
Mohit Sagar, Group Managing Director and Editor-in-Chief at OpenGov Asia gave an overview of the session with the audience with his opening presentation.
Mohit recounted historically countries across the globe have been overcome different kinds of disasters individually or is clusters but never have they encountered such a situation where the whole world has been hit by a crisis of such magnitude.
This is part of the reason organisations and leaders were stopped dead in their tracks when the pandemic initially hit. There was a lot of panic in the general public as well as top leaders as at the most basic of the necessities seemed endangered at the start.
No one was prepared to run entire businesses with people locked up at home. Business continuity management plans did not take into consideration a critical event od such scope and depth.
The world is at a tipping point and will be quite unstable until there are concrete signs of an effective cure and vaccine. So, organisations must put together all their resources in a coordinated manner with sound planning to keep operations running without compromising the safety of people.
Mohit left the audience with advice to partner with experts in Critical Event Management space rather than trying to come up with a solution on their own.
Being prepared in advance is the secret to successful critical event management
After Mohit laid the foundation, Graeme Orsborn, Vice President – International CEM Business Unit, Everbridge shared his insights on the topic.
Graeme began by very simply explaining the meaning of critical event management. When things that people care about like our friends, family, staff, infrastructure, supply chain and reputation intersect with threats like physical disruption, threats, system failures etc., that leads to a critical event.
All organisations are undergoing a fundamental shift in the way they operate our businesses and the key is to be prepared in advance for the impending danger or critical event.
Graeme went on to acknowledge that while being prepared sounds very simple and easy, implementing it can be quite a challenge for organisations. Currently, the process of managing critical events is largely manual, disjointed and takes significantly longer to work through.
He enumerated the challenges to critical event management as follows:
- Problems in locating who and what is impacted
- The criticality of impact on the assets
- Taking the right action to protect endangered business assets
- Analysing the situation to assess the effectiveness of a plan
After highlighting the problems, Graeme proposed the solution or the correct approach for dealing with critical events. He suggested a four-step strategy:
- Assess the context and severity of the critical event
- Locate and identify stakeholders and assets
- Take action to inform, notify, rally, collaborate and recover
- Analyse own performance and improve
He also shared with the audience the wide range of CEM solutions offered by Everbridge to help organisations mitigate risk and accelerate resolution when events become critical.
Graeme concluded his presentation by sharing Everbridge’s strategy to deal with the most recent critical event, i.e. the COVID-19 pandemic. The three broad parts of this solution included: Know your risk, protect your people, recover and protect your operations.
Make resilience a part of organisational culture to tackle critical events effectively
After Graeme’s presentation, Arunabh Mitra, Chief Continuity Officer, HCL technologies spoke on the topic at hand.
Arunabh opined that as a result of globalisation today, organisations are faced with several interconnected challenges. While on one side, processes like globalisation and industrial revolution are indicators of progress, on the other, risks hovering around them also have a cascading impact on all industries and sectors. He alluded to the fact that our world today is no longer a simple linear structure, rather it’s a system of systems highly interdependent.
He then expounded about the shocks and stresses that disrupt the usual operations and test the resilience of governments and organisations time and again. He shared with the delegates the iceberg model of disruptive events: better preparedness for the events we have better visibility of as we can relate to those events better. However, he conceded that the recovery path for the different events in the iceberg model will vary.
Arunabh moved on the COVID- 19 crisis and how it impacted organisations globally. He reiterated that it was an event unprecedented in scale, complexity and velocity.
He talked about the 3R wave or pattern of organisations’ response to the pandemic::
- Response: This was the initial stage of the hit when organisations were occupied with keeping their people safe and continuing business.
- Return and Reimagine: This stage kept organisations busy with envisioning and implementing what the new workspace will look like
- Reform: This is the stage when organisations are contemplating how to enhance productivity in the hybrid workspace.
Arunabh explained that companies that made people a priority, who had invested in resilience and who had made it a part of their culture, did it better than others.
He concluded his presentation by highlighting that the key to being truly resilient is to embed it in the DNA of every layer of the organisation with certain design principles in place.
After the informative presentations, it was now time for the interactive polling session with the delegates.
On the first question regarding an organisation’s preparedness to respond quickly and decisively to critical events, a majority of the delegates voted that they are well prepared but there is room for improvement (72%).
To this, a deputy director from a media company in Singapore reflected that after dealing with the recent pandemic, they are confident that they are prepared to deal with a future crisis but at the same time there is a lot that they still don’t know and can learn, so cannot be complacent.
On the next question about the department/organisational division responsible for leading the response and preparedness efforts during a critical event, a major chunk of the delegates voted for other than operations, human resource, Information and Technology, or the CEO (47%).
On this issue, a delegate from a public sector organisation shared that they have a separate safety division responsible for coordinating actions and preparedness at the advent of a crisis or a critical event.
On the final question of instant access to critical information needed to evaluate risk and take action during emergency events, 57% of delegates voted that they have established systems to spot events that could endanger company assets.
The president of a major healthcare organisation from India shared that since they are responsible for the lives of not just their employees but also their patients, they have made sure that they have the correct systems in place that inform them of an impending disaster.
After the interesting insights and sessions, Graeme once again addressed the audience to conclude the session.
He felt that it would be interesting to see how culture in organisations will undergo a shift to adapt to the new norm of working. He was also convinced that big data and analytics would play a major role in helping organisations to be more predictive and better prepared for future critical events.
Graeme urged delegates and their organisations to move from having a reactive approach to being proactive in their response to managing critical events and to leverage technology in their efforts.
The Ministry of Information and Communications (MIC) recently held a ceremony to promote the VNPT electric know your customer (eKYC) solution, which can detect abnormal features on ID cards and other personal documents.
It is part of a series of events aimed at introducing Vietnamese-made services in the nation’s national digital transformation until 2025 with a view to 2030. VNPT stated that among several other capabilities, eKYC can spot fake IDs, validate documents, authenticate portraits, detect invalid papers, and identify customer video calls, thanks to a large Vietnamese-specific database and the high accuracy of its optical character recognition.
According to a news report, the company says that the solution can warn about ID cards that have been tampered with, helping to reduce risk, shorten check-in times, and enhance security in information validation. eKYC has been developed based on cutting-edge technologies such as artificial intelligence (AI), blockchain, and biometric recognition.
At the ceremony, the Director of the Authority of Information Technology Application, Nguyen Huy Dung, praised the solution as a passport for entering the digital world.
Ngo Dien Hy, the General Director of VNPT-IT, noted that eKYC can be applied in many sectors such as banking and insurance whilst noting that the identity verification might not be completely accurate but can significantly minimise fraud.
The country has been prioritising the development and implementation of industry 4.0 technologies, including 5G. Earlier this month, the military-run Viettel High Technology Industries Corporation and VinSmart Research and Manufacture Joint Stock Company signed a cooperation agreement to create a 5G gNodeB base station system at a ceremony in Hanoi.
The signing ceremony took place under the direction of MIC. The Viettel Group and VinGroup plan to research and develop 5G technologies to successfully commercialise 5G broadcast stations owned by Vietnamese people. Accordingly, VinSmart is responsible for developing and supplying an 8T8R radio unit (RU); an 8T8R antenna; and a Massive MIMO Radio 64T64R (integrated with both RU and Antenna); VHT research and development of signal processing equipment (CU-DU); 5G core network system; providing 5G service and new technologies such as Beamforming and Multi-User Massive Mimo, which also provides high-speed services to many users.
The two sides agreed to complete the set of specifications for 5G base station products and complete two laboratories for each side. In November, the two sides will make the first test call on the 3,600 – 3,800 MHz frequency band.
The goal of VHT and VinSmart is to successfully commercialise the 5G gNodeB 8T8R base station on 30 June 2021 and the 5G gNodeB 64T64R base station on 30 June 2022, these will be the first high-quality 5G broadcast stations that are jointly owned by two Vietnamese technology groups.
Addressing the event, Member of Party Central Committee and MIC’s Minister Nguyen Manh Hung, the Deputy Head of the Party Central Committee (PCC)’s Communication and Education Commission, asked VinGroup to focus on developing radio. Viettel will focus on signal processing, the core network, and integration into commercial products.
The pandemic has caused widespread devastation across the world with cases inching towards 43 million even as the death toll crosses a million. The Philippines is also struggling to deal with the COVID-19. The country has recorded 370 thousand cases with fatalities touching 7,000 in this last week of October.
Researchers across the world are working ceaselessly to try and get a comprehensive picture of the virus, its epidemiology and management. Such large-scale, glocal research has been made possible with supercomputing facilities that can perform high-speed processing and computations.
Wide interconnectivity and global reach give it the capacity to empower multi-disciplinary efforts in medical and health research across facilities and experts spread across wide geographical areas. The incredible processing and analytic powers drive advancements in the development of treatments, vaccine and management of all diseases and pandemics, such as the COVID-19. Supercomputing facilities can process massive amounts of data, speed up simulations and provide large amounts of space need to store data and analytics. These capabilities allow access to virtual machines, massive cloud applications and coordination on a global scale – produce results a thousand times faster.
The Computing and Archiving Research Environment (COARE) is a supercomputing facility at the Department of Science and Technology-Advanced Science and Technology Institute (DOST-ASTI). The facility provides free services to researchers, scientists and students who need high computational resources, access to virtual machines and data archiving services. Currently, COARE has allocated its resources to institutions and researchers dedicated to dealing with COVID-19.
FASSSTER and TanodCOVID
Developed by the Ateneo de Manila University’s Ateneo Center for Computing Competency and Research (ADMU-ACCCRe) and in collaboration with the University of the Philippines Manila-National Telehealth Center (UP-NTCH) and the Department of Health-Epidemiology Bureau, the Feasibility Analysis of Syndromic Surveillance using Spatio-Temporal Epidemiological Modeler (FASSSTER) is a pandemic intelligence monitoring that assists the government’s real-time decision-making processes for COVID-19.
FASSSTER’s data warehouse features multiple modules used for collating, storing and filtering real-time information sourced from various health records and reports. Data from the warehouse is fed to a dashboard that produces analytical projections and computations that help decision-making processes and disease response.
One component and data source of FASSSTER is TanodCOVID, which helps people track and monitor COVID-19 symptoms and report it to their local health authorities through a self-reporting tool. Since March 2020, the COARE facility has been of crucial help to FASSSTER and TanodCOVID, providing access to its virtual cloud services to help them in their complex mathematical models and data warehouse needs.
COVID-19 Operations Center Monitoring System
The COVID-19 Operations Center Monitoring System is a data platform used by Local Government Units to help in management, tracking and monitoring of COVID-19 cases. The system consolidates COVID-19 data that is easily viewed on a dashboard. It includes visualisation features like heat maps and charts for monitoring at the municipality up to the barangay level and modules for encoding patient information and assigning patient records for contact tracing. COARE assists this platform by storing and analysing data through virtual servers.
Philippine Genome Center Research Initiatives
The Philippine Genome Center (PGC) of the University of the Philippines-Diliman is a genome-focused institution that currently prioritising research on COVID-19 – centred on phylogenetic analysis, computational studies, evolutionary analysis, molecular biology and in silico detection of COVID-19. COARE supports PGC by providing researchers access to the facility’s supercomputing services.
Folding@Home is an R&D project that helps combat worldwide diseases through research carried out through distributed computing. From March 2020, COARE offered its supercomputing resources to F@H research efforts by installing a dedicated folding node. Through this node, the project was able to utilise COARE’s resources for computational drug design, protein folding, molecular dynamics, and other COVID-19-related computer simulations.
University of the Philippines Cebu’s CovCheck Application
The Department of Computer Science and the FireCheck team of the University of the Philippines Cebu is developing a web application, CovCheck, that enables Local Government Units to manage and respond to the transmission of COVID-19 through the collection of data from constituents who have self-assessed and self-reported for COVID-19 symptoms. At present, COARE has helped by hosting the web application on its virtual servers.
ACCELER8 Project for SARS-CoV-2 Therapeutics
Faculty members and scientists from the University of the Philippines-Manila, Philippine Genome Center-Mindanao, and De La Salle University Manila are working on a research project – Advancing Antivirals through Combined Computational Design and Emerging Omics to Leverage Repurposed and Natural Drugs for SARS-CoV-2 Therapeutics (ACCELER8). COARE has given ACCELR8 researchers access to its supercomputing services to help them conduct simulations and data analysis on computational drug design and omics.
The federal government announced the establishment of a new industry advisory committee to help guide the implementation of its Cyber Security Strategy 2020. The Industry Advisory Committee will provide advice to the government through regular meetings and report directly to the Minister for Home Affairs.
The 2020 Cyber Security Strategy is firmly focused on protecting families and businesses, especially as they spend more time online, both at home and in their workplaces, the Minister for Home Affairs said. The Committee brings a wealth of experience from both the public and private sector that will build on the success of the Industry Advisory Panel and ensure the industry will continue playing a vital formative role in shaping the delivery of actions set out in the Strategy.
The work of the committee will be essential in light of the key role connected technologies are expected to play in Australia’s post-COVID recovery. While daily life is increasingly connected by digital technologies, more abundant and better-resourced cybercriminals and cyber-activists and increasingly sophisticated and emboldened state actors mean Australia is quite literally under constant cyberattack.
Meeting that challenge requires Australia’s cyber defences to be strong, adaptive and built around a strategic framework that is coordinated, integrated and capable — the 2020 Cyber Security Strategy provides that framework.
The committee will be chaired by the CEO of an Australian telecommunications company fresh off his stint as chair of the industry advisory panel that shaped the development of the new strategy. Meanwhile, the Chair of Australia’s sovereign cloud Infrastructure-as-a-Service (IaaS) provider will serve as Deputy Chair.
The new committee also has two other industry advisory panel members and joining these experts on the panel will be Cyber Security CRC CEO, the CEO of an Australian cloud, data centre, government cybersecurity and telecom company, and the Chairman a firm that provides real-time detection and ranging of objects and events.
Boosting cybersecurity government-wide
On a state level, the NSW government aims to streamline and standardise how agencies go about sourcing cybersecurity contractors by establishing a series of government-wide buying arrangements.
The Department of Customer Service this week approached the market to set up cybersecurity purchasing arrangements (CSPAs), as the need to secure the state’s digital services continues to increase. The arrangements will seek to overcome undisclosed “issues associated with the procurement of cybersecurity professional services to date”, and “ultimately facilitate cybersecurity uplift” across government.
Services expected to be covered by what will in effect be a panel include incident response, vulnerability assessment, maturity assessment, digital forensics, penetration testing and generic cybersecurity professional services.
This move comes in preparation for the government’s parliamentary inquiry into its handling of cybersecurity following a series of high-profile breaches, including an email compromise that saw 738Gb of data, or approximately 3.8 million documents, lifted from Service NSW.
The CSPAs will give agencies the confidence that they are procuring services from “capable suppliers” that have met a set criterion that ensures services are “fit for purposes” while minimising complexity.
This will involve “standardising the definition of services such that they are more easily understood by both buyers and suppliers allows for better comparison”, tender documents state.
The arrangements will also build on the government’s IT consultant fee caps introduced earlier this year by ‘locking in’ pricing. Suppliers will be expected to agree on “cost structures at the establishment of the CSPAs” to provide “confidence in the cost of engagements”.
The CSPAs will sit alongside the whole-of-government Cloud Purchasing Arrangements (CPAs), which were introduced by the department earlier this year to simplify public cloud procurement.
Having battled the global pandemic for more than 6 months and foreseeing its lasting impact in the times to come, it is important to ask how prepared we are for the life after COVID–19. What are some of the valuable lessons that we have learnt in the past few months that we must take with us as we venture into the ‘new normal’?
In an attempt to discover and delve into the answers to these questions, OpenGov Asia hosted an OpenGovLive! Virtual breakfast insight with financial industry executives based in Indonesia.
The timely and thought-provoking issues saw a 100% attendance and high engagement rate from the audience for the session.
Balancing digital transformation along with managing fraud and risk is a major challenge for banks
Mohit Sagar, Group Managing Director and Editor-in-Chief, OpenGov Asia set the tone for the discussion by pointing out that the new, transformed workspace is no longer a physical place that employees go to but a cluster of virtual work tools that lets employees stay productive anytime and anywhere.
This free and flexible style of working has posed a major challenge for the financial sector industry. They are under a lot of pressure to balance their digital transformation efforts with the increasingly stringent regulatory guidelines alongside managing stakeholder expectations.
Apart from being resilient, banks have to constantly ensure that they are compliant and not flouting any regulations to ensure their presence amongst other contemporaries.
Operational resilience, which was earlier a seldom-discussed topic in the boardrooms, has been elevated on the priority list of CIO’s.
Mohit also highlighted the fact that mere compliance is not enough to ensure survival in the post-COVID-19 world. Constantly pushing the envelope by innovating and thinking outside the box is more important than ever.
He left the audience with advice that to effectively manage these distinct aspects of their business, it would be expedient to seek help and support of partners who specialise in it and who can help them prioritise right in the new uncertain normal.
How SAS can help and support financial institutions in the post COVID era
After Mohit’s challenging opening, Anggaraini Rahayu, Director-FSI, SAS Indonesia, shared her insights on the topic.
Anggaraini began by explaining how SAS can support, help respond to sudden changes and mitigate risk for the financial institutions as they recover in the post COVID–era.
She shared that SAS is doing this by identifying the volatility in macroeconomic factors that are key drivers of change, building up data and analytics capabilities along the journey to recovery and getting ahead of the innovation curve and applying analytics for future strategies.
Anggaraini elaborated on the various trends and opportunities in the FSI that have emerged beyond the pandemic. They are enhanced focus on digital transformation, better integration of financial services to the monetary policies, the robustness of asset and liability management, heightened security risks and surge in contactless payments.
She also talked about the way SAS operates in the financial industry space by enabling effective operations and working with innovative solutions that are driving amazing outcomes for their customers. As SAS champions driving value from analytics, she some of their use cases across the financial institution value chain shared with the delegates.
Anggaraini delved into the biggest focus area of SAS I.e. risk management for banking and insurance industry. She shared with the delegates the details of the SAS fraud and security intelligence solutions and how it enables users to stay resilient and relevant in the post-COVID-era.
She concluded her presentation by sharing some successful implementations of the above-mentioned solution.
Speed of service delivery is of utmost importance in the new financial industry world
After Anngarani’s information-rich presentation, Gerard Mcdonell, Regional Solution Director Fraud & Security Intelligence, SAS came forward to share his perspectives with the audience.
In his very first slide, Gerard highlighted the importance of the speed of delivery in the post-Covid era. Banks and financial institutions are under a lot of pressure to meet the changing demands of their customers in this new world. The need to go digital for financial institutions in the current scenario comes with the downside of increased risk of financial crimes and fraud.
He underscored the need for speed by quoting Klaus Shwab, who said that in this new world it’s not the big fish that eat small fish but the fast fish eating the slow fish.
Gerard validated his statement by citing a recent example where a large European bank lost an opportunity to expand their market due to the lack of agility and velocity in their DNA.
He also echoed the sentiment that the pandemic has only exacerbated the situation for financial institutions forcing the unbanked population to make a leap to digital banking. This, on one hand, has added to the existing challenges for the banks but, on the other, has exposed them to a new customer base that they can tap on.
He went on to shed light on the ways AI can support them. They include accuracy and efficiency with compliance, quick identification of fraudulent transactions, fast and accurate credit scoring.
Gerard strongly advised the colleagues from the industry to embrace the latest advancements in AI to tap on this newly created customer base.
He concluded his presentation by sharing how SAS helped a major bank to significantly improve its fraud management by implementing the fraud management and credit authorisation solution together.
Learning to mitigate the effect of COVID-19 crisis in the financial sector industry
After Gerard, Alfanendya Safudi, Senior Vice President, Head of Credit Portfolio Risk at PT. Bank Mandiri shared his learnings with the delegates.
Alfanendya opened his slot by sharing that, just like the most of delegates and their organisations, Bank Mandiri had very limited visibility of the impact the COVID-19 crisis would have on the economy.
But early stress testing and contingency actions are key to mitigating the impact of COVID–19 outbreak. He ardently advocates stress testing as an effective way of mitigating COVID risk and also emphasised that the test needs to be updated frequently as well as supported by robust tools and systems.
He cautioned the delegates to not rely on a singular stress cycle and undergo multiple rounds of it as they did at Bank Mandiri.
Towards the end of his presentation, Alfanendya shared with the delegates how banks need to prepare as they move forward in the new normal. He also agreed that there is an increase in non-financial risks like fraud, scams, cyber-attacks etc. during the COVID-19 crisis that needs to be better prepared for in times to come.
After the informative presentations, it was now time for the more interactive part of the session: the polling questions and discussions.
On the question about your organisation having the tools to model out the P&L under a wide range of different economic and non-economic scenarios, a majority of the audience voted that they use traditional forecasting techniques, and they are good enough (77%).
One one of the delegated reflected that they are currently using the traditional techniques that are sufficient for now but they are also open to new technologies out there that can help them do it better.
On the question about the impact of the pandemic on their operational risk exposure, particularly relating to fraud and compliance, a major chunk of the delegates voted that increased online and application fraud, along with greater resource demands to keep AML/ KYC/ screening compliance under control have been impacted (50%).
A digital executive shared that increased online or payment fraud and application fraud are bigger impact areas in their organisation that they need to work on.
On the final question about the top priorities, while managing risk management portfolio, the delegates seemed divided between updating their legacy with a modernised risk infrastructure (36%) and using AI and machine learning for credit scoring, capital optimisation, back-testing and model validation and regtech (36%).
After the polling session, the Virtual Breakfast Insight reached a timely conclusion with closing remarks by Febrianto Siboro, Country Managing Director, SAS.
Febrianto began by thanking all the delegates and speakers for joining the session and sharing their insights with the audience. He encouraged the audience to make use of various AI/ML and analytics solutions by SAS to augment their service delivery and team SAS would be happy to entertain their queries and demonstrations for the same.